IP Spoofing in XP and 2000?

[MrTRiX]

I know that the IP spoofing will be done through Raw Sockets/Packets but how exactly do you use this to spoof your IP. I would figure it is not a option right in windows itself.

[newbie69]

i bet people will not tell because they'll think that you are just like all the other script kiddies out there finding ways to do harm, sorry don't know either

[MrTRiX]

First of I am not a script kiddie I am just not as advanced in the NT base of Windows. I am more into the *nix flavors but its never to late to try something new and unlike you im trying to learn!!

[newbie69]

learn??...hey dude that post wasn't meant to flame you, don't be fooled by the nickname newbie69 or the little posts i have, that post was meant for the people that were going to flame you for being a script kiddie and all that, a way misunderstanding there, and spoofing is in the category "hacking" , there you learned something (hacking isnt discussed here meaning not in speedguide.net or in there forums), i use *nix flavors too (has more ip spoofing .c programs for you to compile), and i never said anything about me not learning, so don't say that im not trying to learn


and if i knew i WOULD tell you!!!


I'm not much of a windows user, again don't be fooled by the "newbie69" nickname


it would be quite fascinating to know how to do it on xp

[MrTRiX]

2 thing STFU and I cant learn a thing from u

[newbie69]

forget it (i tried to be nice by telling you that the moderators would'nt allow the discussion on "how to spoof your ip in windows xp/windows 2000", because it would be categorized as "hacking"), please don't post anything anymore you're just overwhelming me with your ignorance

[newbie69]

oh well

[Juggernaut]

MrTrix, I'd recommend you'd follow the advice in YOUR OWN SIG.

[MrTRiX]

why the hell does everyone think the sig is serious its a damn joke and I dont know everything just asking a question. Didnt get what he was getting accross now I do. Sorry for having sig ges.

[W_I_Z_K_I_D]

Yo mR Trix or whateva your name is
Mr newbie was coolin it down man bein nice and sh*it
And you flame back , whas this man your in a security furum.

As for your question i dunno

[MrTRiX]

I have no clue what u said there?????

[W_I_Z_K_I_D]

so what ya sayin
you stupid or something..?

[g-c0de]

hey newbie, since when did you start using *nix os's? i know i didn't teach you that yet,damn lier you don't even use *nix!, everytime i go over your house you're using windows ,damn newbie...lol, take care bro...alot of misunderstandings in this post

[greEd]

packet creation is simple.......you just hav to have the resources for it.
Most people spoof packets for stress testing different applications abilitie to handle requests from null addresses.

If you want a packet creator for windows 2000/nt low-level network packets check out my web site and look under the "security tools" in the download section.

Have Fun

[quickfoot]

Well since Microsoft adopted much of the FreeBSD TCP/IP stack in both windows 2000 and windows XP it makes since that raw sockets would be available in the OS.

Personally I don't see what the big deal is, it isn't the os that is causing problems with spoofing, it is the ISPS. If ISPs correctly configured routers and firewalls end user spoofing would be impossible regardless of the os.

Its not big deal and its been expected for a while now, if anything it will just cause some uniformed network admins to get a crash course on how to actually configure a router.

[KSJNX]

prob is 8 out of 10 isp's don't give a *hit . they don't wana add a few more lines of code or put in a firewall they just want someone to pay ze bill.

i belive the protection starts at microsoft. other companies shouldn't have to fix probs because microshaft wont.:2cool:

[quickfoot]

Protection must come from the ISP level for this issue, protection from the OS level wont work because of the multitude of operating systems that support sockets and the ease of creation of data packets.

Another example is smurf, if routers and networks were properly configured smurf would not be an issue. With the increased litagation involving the Internet it is entirely possible that the courts will find an ISP responsible for damages when an attack originates on their network which could have been prevented if they had properly configured it.

To prevent the majority of spoofing all they need to do is configure an access list on the router. It would still allow spoofed addresses in their ip block but the majority of people want to spoof non local ip addresses and this also can be blocked.

It doesn't cost anything to configure it correctly and we will continue to see these problems until it is in the ISPs best interest to implement these simple rules (most the big ones already do, its the smaller ones that cause the problems).

Asking Microsoft to prevent ddos or dos attacks is not feasible or viable, it is like trying to create a river dam with one branch.

[Stef]

Hey guys, interresting thread! I though that I would drop off a link that describes several configuration techniqes on preventing various types of DoS attacks.

Of course, the document decribes several configuration tips of the best routers and network operating systems.

You'll notice Windows NT is not on the list

I've been running Linux for a one year now. I've always been using some of the advanced Linux kernel IP stack options and my system has nerver crashed from any DoS attack or malformed datagrams.

The worse thing that has ever happened to me from a DoS attack is that I had to bring one ethernet interface down. Plug my DSL modem into another ethernet device. Then re-initialize the device and request a new DHCP lease. All this without a reboot :-D

If you have a router or are running UNIX at home, read this document and prevent your multihomed host from becoming a hazard to your network and to the internet!!

Minimizing Denial of Sevice Attacks

Stef

[MrTRiX]

Good to know my topic is doing well and in case my question wasnt totaly clear I only want to manipulate the packets being sent out to "spoof" my IP for Protection. Because I go on mIRC alot and my IP gets picked on alot by some guys I pissed off once so if I could switch it they would not be able to attack me anymore and I could get a chance to actually ask them why they do it.

[quickfoot]

Spoofing wouldn't help you with IRC, in fact it has no real useful purpose for the average user.

The reason spoofing would not work for you is the source ip address is faked so all reply traffic is sent to that fake source ip address, that means that you would not be able to establish a connection with any servers because you will not see the replies to the packets you are sending.

There used to be a way to make your ip resolve to a different hostname but that didn't protect you because you could still be nuked. (and this vunerability has long since been fixed).

Pretty much if you are worried about security either run Unix or get a good firewall like conseal pc firewall and spend some time configuring it.

IP spoofing is still used in attacks because for most attacks you don't need to see the reply, so really raw sockets in xp and 2000 are still no big deal.

I wouldn't be surprised if they limited them to the people with administrator access like Unix but then again I wouldn't be too surprised if they didn't either..