LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   How do people spoof your name and IP address? (https://www.linuxquestions.org/questions/linux-newbie-8/how-do-people-spoof-your-name-and-ip-address-308053/)

veeruk101 03-30-2005 10:49 PM
How do people spoof your name and IP address?
 
I was reading a tutorial that has mentioned a few times about intruders that may try to spoof your name and/or IP address...how do they do that?

I imagine they could spoof your name by modifying the etc/hosts file of everybody that tries to access your site? Haha, is that what they actually do? So I guess my question still stands about how they spoof a name.

And how in the world do they spoof an IP address? This one just blows my mind! With my limited knowledge on these matters, how do they actually spoof an IP address? I thought an IP address was not spoofable, though the name that points to it very well might be.

Thanks a lot, any insight on these questions would be awesome!

sgrayban 03-31-2005 12:14 AM
the answer that could be given can also be used for hacking/illegal use so your on your own for the answer to this.

dalek 03-31-2005 12:35 AM
This is one of those it would be neat to know but someone may come along and do something they shouldn't with the info. I would like to know how they do that too but understand why nobody says how. May can get someone to email you a answer though. Just don't make it public. No need adding fuel to the fire. It's big enough already. :tisk:

Later

:D :D :D :D :D

PS, "raindrops falling on my head". Raining again. My garden is officially a swamp now. :cry:

scuzzman 03-31-2005 01:12 AM
I'll add this: you will want to investigate "raw socket programming" and it should yield the proper results.

njugs79 03-31-2005 02:29 AM
Interesting topic..but like someone mentioned "it could be used for malicious intentions". However, if one were to really put on "another hat" other than a black hat, then there are a myriad of resources out there on the net on how it is exactly done, right down to the journey of a spoofed packet. IP address spoofing can be defined as the intentional misrepresentation of the source IP address in an IP packet in order to conceal the identity of the sender or to impersonate another computing system. One use this to obtain IP address information for a targetted computing system. My input is this, just google the subject and research..."no harmful effects intended!!!!!!!"

MasterC 03-31-2005 03:47 AM
Moved: This thread is more suitable in Linux - Security and has been moved accordingly to help your thread/question get the exposure it deserves.

Good Luck!

Cool

Ken1015 04-06-2005 09:03 PM
One can explain IP spoofing without providing step-by-step instructions. I can provide a very basic explanation. IP spoofing is generally done one of two ways. The simplest way is to use a proxy server that changes the IP address. In this attack, the abuser first establishes a connection with a proxy server then establishes a connection with the victim. At that point, the victim only sees the IP address of the proxy server and not the real address of the abuser.

The second version of IP spoofing is much more complicated. It's also known as a sequence number prediction attack. This attack requires that the abuser guess the initial sequence number used in establishing the TCP connection and then injecting TCP packets that appear to be part of a legitimate connection.

Those explanations are paraphrased from the textbook I'm using in a web security class I'm taking and it is all I know about IP spoofing.


All times are GMT -5. The time now is 11:47 PM.