[Home] [Groups] - Message: [Prev in Group] [Next in Group]
20216: Re: [MUD-Dev] Grief players with ip/dns spoofers
[Full Header] [Plain Text]
From: J C Lawrence <claw@2wire.com>
Newsgroups: nu.kanga.list.mud-dev
Date: Wed, 25 Jul 2001 22:57:45 -0700
References: [1]
Organization: Kanga.Nu
On Mon, 23 Jul 2001 13:34:28 -0400
Robert Fleck <rfleck@cigital.com> wrote:
>> From: Greg Underwood [mailto:gunderwoodhsd@earthlink.net] At
>> 10:08 PM 7/12/01 -0700, Sean Kelly wrote:
>>> From: "Tand'a-ur" <tandaur@ix.netcom.com>
>> This is my understanding of it as well. Any responses go back to
>> the faked IP address. All you can accomplish with an IP spoof is
>> to ......
> Well, in certain conditions you could do it successfully. For
> example if the ip you are spoofing is on the same segment as you,
> or routed through your segment, you can see the responses... This
> works best if you have some way to ensure that the spoofed client
> won't make any noise about the anomalous packets smashing into it.
This is actually fairly easy to do. Its called NAT (network address
translation). Stick a NAT box in front of your client that picks up
the packets in promiscuous mode (unless you can get the router to
rewrite the MAC to you) and then deliver on to the client.
> There are other situations where it can happen too, but we are
> talking serious protocol voodoo.
Not really. SOCKS bounces are quite old now and are trivial to do.
--
J C Lawrence )\._.,--....,'``.
---------(*) /, _.. \ _\ ;`._ ,.
claw@kanga.nu `._.-(,_..'--(,_..'`-.;.'
http://www.kanga.nu/~claw/ Oh Freddled Gruntbuggly
_______________________________________________
MUD-Dev mailing list
MUD-Dev@kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev