Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 10-17-2005, 06:53 PM   #1
Baseband Member
 
thecoolkid's Avatar
 
Join Date: Feb 2005
Posts: 91
Default Spoofing IP Addresses

I'm curious about spoofing IP Addresses. RewtGuy mentioned something about how raw sockets were enabled in Windows XP. How does that effect the spoofing of an ip? Just curious...

-thecoolkidontheblock
__________________

__________________
"Computers are one per cent inspiration and ninety-nine per cent perspiration. Accordingly, a 'computer' is often merely a talented machine who has done all of its homework."

-Thomas Edison, Modern Day.
thecoolkid is offline   Reply With Quote
Old 10-17-2005, 09:34 PM   #2
In Runtime
 
elmonomalo's Avatar
 
Join Date: Jul 2005
Posts: 307
Default Re: Spoofing IP Addresses

http://grc.com/dos/winxp.htm
(a readup on why windows xp can be exploited.... hope it helps)
__________________

__________________
"Power never takes a back step - only in the face of more power
-Malcolm X
elmonomalo is offline   Reply With Quote
Old 10-18-2005, 05:45 PM   #3
Beta Member
 
Join Date: Oct 2005
Posts: 3
Default Re: Spoofing IP Addresses

Proxies, simple and effective also try setting up your own SSH Tunnel and you can route your traffic through it (i.e. Set on up at work so you can route your Internet traffic through the work computer) therefore you are only really using 1 ip address. Then again just use a proxy if you want to like go on a forum you have been blocked from I am not really sure on your intentions.
Tony_Portman is offline   Reply With Quote
Old 10-19-2005, 05:01 PM   #4
In Runtime
 
Join Date: Sep 2005
Posts: 143
Send a message via AIM to EVILISCIOUS Send a message via MSN to EVILISCIOUS
Default Re: Spoofing IP Addresses

If you want to spoof an IP or rather "IPs" without using a proxy, use a randomizer program. There are many..use googlebot.com
EVILISCIOUS is offline   Reply With Quote
Old 10-19-2005, 11:02 PM   #5
Solid State Member
 
Join Date: Oct 2005
Posts: 13
Default Re: Spoofing IP Addresses

so many tools available for this. try JAP, a program with so many options and proxys.
precisesecurity is offline   Reply With Quote
Old 10-22-2005, 01:00 PM   #6
Baseband Member
 
tja365's Avatar
 
Join Date: Oct 2005
Posts: 44
Default Re: Spoofing IP Addresses

ya JAP is the way to go just google JAP.
tja365 is offline   Reply With Quote
Old 10-23-2005, 04:18 PM   #7
Baseband Member
 
thecoolkid's Avatar
 
Join Date: Feb 2005
Posts: 91
Default Re: Spoofing IP Addresses

I'm not referring to spoofing the browser ip address. I am referring spoofing an ip address when connecting to another computer.

-thecoolkidontheblock
__________________
"Computers are one per cent inspiration and ninety-nine per cent perspiration. Accordingly, a 'computer' is often merely a talented machine who has done all of its homework."

-Thomas Edison, Modern Day.
thecoolkid is offline   Reply With Quote
Old 10-26-2005, 01:11 AM   #8
Beta Member
 
Join Date: Oct 2005
Posts: 4
Default Re: Spoofing IP Addresses

Cain & Abel
http://www.oxid.it/cain.html
MaliciousData is offline   Reply With Quote
Old 10-27-2005, 09:34 AM   #9
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,007
Default Re: Spoofing IP Addresses

Quote:
Originally Posted by elmonomalo
http://grc.com/dos/winxp.htm
(a readup on why windows xp can be exploited.... hope it helps)
w00t...

grc just has something against XP...

raw sockets have ben available in UNIX and Linux since they were first invented...

Network communication happens with network packets.
thats to say that when you read this, the entire post doesn't arrive all at once, it arrives in small chunks that are seperated by the server, numbered and then pieced back together by your browser at the other end...

each packet contains a source address and a desitnation address, and of course the information.

IP spoofing is possible with raw socket access because the network socket *can* be modified, or rather the packet *can8 be modified so that the destination address is different.

Denial of service attacks work in a couple of ways,
the first is packet flooding, where a lot of packets are sent at once, every packet has to be sent, then recieved, then confirmed and acknowledged (google for syn ack), (it's a five part tcp handshake procedure).
flooding the address means that the server doesn't have time to respond to all packets and thus becomes unavailable to people since they packet times out.
this is why some news servers go offline after major events. (like after 911, lots of traffic meant that some news servers were literally offline).

second method.
Forging the packet headers to give a false IP address meant that the five way handshake can never be properly done.
since there is never a reply...

person a sends packet to server A with forged headre pointing to person B
SYN?
server a responds to person B
SYNACK?

person B ignors the packet snice it didn't send a packet.

server A waits for a response...


there is only enough space for (top of head remembering) 5 packets in the TCP IP stack...
so five spoofed packets bring down the server since the TCPIP stack is full...
the server has to wait until the TTL (time to live) of the packet is expired before it can delete it from the stack...

thus, yes, raw packet access does mean that hosts can be brought down... but blaming microsoft is a stupidly ignorant/uneducated thing to do, especially coming from the suposable security expert that gibson is.


as for how to spoof a packet...
goggle it. I'm sure you'l find some thing that fully confuses you more than that did! (if it did).
__________________
I didn’t fight my way to the top of the food chain to be a vegetarian…
Im sick of people saying 'dont waste paper'. If trees wanted to live, they'd all carry guns.
"The inherent vice of capitalism is the unequal sharing of blessings; The inherent vice of socialism is the equal sharing of miseries."
root is offline   Reply With Quote
Old 10-27-2005, 07:53 PM   #10
Daemon Poster
 
RewtGuy's Avatar
 
Join Date: Dec 2004
Posts: 595
Send a message via AIM to RewtGuy
Default Re: Spoofing IP Addresses

Eh, I don't know weither Gibson likes Microsoft or not, but what did they need raw sockets for? Giving the general public raw sockets is just be begging to be abused.
__________________

__________________
Windows: A thirty-two bit extension and GUI shell to a sixteen bit patch to an eight bit operating system originally coded for a four bit microprocessor and sold by a two-bit company that can't stand one bit of competition.
RewtGuy is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 12:42 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0