Home > Archive > Unix Programming > December 2006 > IP Spoofing
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
|
| We change the source ip Address when sending our packet, but what i
don't understand is how one can recieve the reply since the source ip
address is not of his machine so will the packet not directed to
spoofed address???
| |
| Rainer Temme 2006-12-14, 8:57 am |
| Wasim wrote:
> We change the source ip Address when sending our packet, but what i
> don't understand is how one can recieve the reply since the source ip
> address is not of his machine so will the packet not directed to
> spoofed address???
Just two examples:
You send a UDP packet to a destination that lives behind
a firewall. You know that only certain IP addresses are
allowed as sources. So you spoof the source IP.
In this case you are eventually not awaiting any reply,
since the damage is already done once the packet is
received by the target.
You have a system on the routing-path between A and B.
You spoof A's IP address in a packet to B, and capture
the reply (since you are on the routing path, the reply
will try to pass your system).
Btw ... NAT could be seen as an implementation of the
second case. (to a certain extend).
Rainer
| |
| loic-dev@gmx.net 2006-12-14, 7:06 pm |
| Hello,
> We change the source ip Address when sending our packet,
Well, you shouldn't be doing that unless you joined the dark side of
the force...
> but what i don't understand is how one can recieve the reply since the source ip
> address is not of his machine so will the packet not directed to
> spoofed address???
Are you looking for something similar to 'arp spoofing':
http://en.wikipedia.org/wiki/ARP_spoofing
But don't count on me to tell you how it's working ;-)
Cheers,
Loic.
|
|
|
|
|