Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

IP spoofing

0 views
Skip to first unread message

magicm...@hotmail.com

unread,
Jun 2, 1997, 3:00:00 AM6/2/97
to


Hello and thanks for reading this...

I was under the impression that IP spoofing didnt work.
After seeing nicks with email ident Billg!Bi...@microsoft.com,
crazy!se...@your.mom.is.sexy.net etc... I have changed my mind.

How does IP spoof work and under what environment.. I know it
doesnt work for windows (thank god for that !) probably works
under Unix. All the documentation available on the web is too
technical to make out. My questions are

1. Does one need root access to run an IP spoofer;

2. Is it possible to run it from a Shell account (from a machine
which is connected to the internet) where there are hundreds of other
users without affecting their IPs...

3. I came across the source code for ipspoof.c .. how does one
compile it and run on Unix...or can it be run as a shell script?
and can this be run safely without affecting the system..
(my intentions are without malice in mind... dont mistake me for a
hacker... :) just for test purposes)


4. I am sure with the passage of time, someone will make it possible
for IP spoofing to work under Windows as well... what steps are being
taken to prevent this...and if it happens wont there be chaos on chat
nets?

Many thanks and happy Ircing..

Mageek (Cadabra if the nick is in use ;)

-------------------==== Posted via Deja News ====-----------------------
http://www.dejanews.com/ Search, Read, Post to Usenet

Arnold Hendriks

unread,
Jun 2, 1997, 3:00:00 AM6/2/97
to

magicm...@hotmail.com wrote:
> I was under the impression that IP spoofing didnt work.
> After seeing nicks with email ident Billg!Bi...@microsoft.com,
> crazy!se...@your.mom.is.sexy.net etc... I have changed my mind.
If that's the exact domain, they're more likely messing around with the
server's DNS, than spoofing

root /dev/tty2 core:$whois sexy.net
[rs.internic.net]
NS1.WEBSERVICES.NET 194.106.36.1
root /dev/tty2 core:$nslookup - ns1.webservices.net
Default Server: renoir.webservices.net
Address: 194.106.36.1

> your.mom.is.sexy.net
Server: renoir.webservices.net
Address: 194.106.36.1

*** No address (A) records available for your.mom.is.sexy.net
> your.mom.is.sexy.net.
Server: renoir.webservices.net
Address: 194.106.36.1

*** renoir.webservices.net can't find your.mom.is.sexy.net.: Non-existent host/domain


IOW: There is no IP for "your.mom.is.sexy.net", and it's not very easy to
spoof IP for something that has no IP address


(also, I doubt that a "identd lookup" would succeed if someone is ip
spoofing, so there should be a ~ in the username - but there isn't any)

((all assuming you're typing in the exact nick!user@host as seen on irc))

> under Unix. All the documentation available on the web is too
> technical to make out. My questions are

Thank god it's too technical.

> (my intentions are without malice in mind... dont mistake me for a
> hacker... :) just for test purposes)

what would you need to test? IP spoofing is possible. If you do it, you'll
have a send-only connection. what new things did you think of that need
testing anyway ?


> taken to prevent this...and if it happens wont there be chaos on chat
> nets?

as I understand, not every OS is vulnerable to spoofing attacks. And there
are nospoof attacks, and hopefully, sooner or later routers just drop
spoofed packets.

--
Arnold Hendriks PGP: 75929DC1 92F16DA4865AAE50 CF78015B18941840
unilynx$irc.icenet.org Finger jbu...@worldonline.nl for key

0 new messages