[Home] [Groups] - Message: [Prev in Group] [Next in Group]
20127: RE: [MUD-Dev] Grief players with ip/dns spoofers
[Full Header] [Plain Text]
From: Robert Fleck <rfleck@cigital.com>
Newsgroups: nu.kanga.list.mud-dev
Date: Mon, 23 Jul 2001 13:34:28 -0400
Organization: Kanga.Nu
> From: Greg Underwood [mailto:gunderwoodhsd@earthlink.net]
> At 10:08 PM 7/12/01 -0700, Sean Kelly wrote:
>> From: "Tand'a-ur" <tandaur@ix.netcom.com>
>>> Hi, long time lurker here, and I've just about had it with a few
>>> troublemakers that like to frequent my MUD. Banning doesn't
>>> work because they have ip spoofers and will just come back with
>>> another made up ip. I was wondering if there is a way to detect
>>> a phony ip and just flat out deny connections to them.
>> Unless I'm misinformed, there is no way to maintain an
>> interactive session with a spoofed IP. What happens is that the
>> response packets go to whatever that IP is and not back to the
>> originator.
> This is my understanding of it as well. Any responses go back to
> the faked IP address. All you can accomplish with an IP spoof is
> to ......
Well, in certain conditions you could do it successfully. For
example if the ip you are spoofing is on the same segment as you, or
routed through your segment, you can see the responses... This
works best if you have some way to ensure that the spoofed client
won't make any noise about the anomalous packets smashing into it.
There are other situations where it can happen too, but we are
talking serious protocol voodoo.
Check out Intravenous @ www.packetninja.net
Bob Fleck
<Tycho@Lost Souls>
_______________________________________________
MUD-Dev mailing list
MUD-Dev@kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev