My question is this: how does an attacker accomplish modifying a packet and sending it; such as in a land.c attack - how does he modify the packet to reflect the victim's source and destination IP and then send it onto the wire?
-----Original Message----- From: Fuchs Bernhard [mailto:Bernhard.Fuchs@;itellium.com] Sent: Tuesday, November 05, 2002 5:58 AM To: 'vijay vikram shreenivos'; [EMAIL PROTECTED] Subject: AW: Smurf ,land attacks Hi there! with "IP spoofing" you give a different source address to the packet. the address is different to your real address. You do this for cloaking your scan or if company A scans company B and spoofes the address of company c. so company b thinks it is company c scanning them! o.k.? but company a will not get any results back! this is mostly to cloak your own scan. Smurf is a DoS-Attack (denial of service) You Amplifi your ping through a big network. You ping a subnet like x.x.x.255 with an SPOOFED IP-Adress and every computer on that big net responses to the poor little machine that has the IP-Adress. Think of class B subnet with a few hosts reply to a ADSL connected machine... 1500kb download and 196 kb upload :-) land attack is a TCP SYN packet that has the ip address and port number for the source set to the same as the ip address and port number for the destination. the server connects to itself. any comments? by the way, google knows it too :-) Mit freundlichen Grüßen/ sincerely yours Bernhard Fuchs Junior System-Engineer IT-Infrastruktur ITELLIUM Systems & Services GmbH Fürther Straße 205 90429 Nürnberg Tel.: +49-911-14-27321 Fax: +49-911-14-22016 mailto:bernhard.fuchs@;itellium.com http://www.itellium.com This email is confidential. If you are not the intended recipient, you must not disclose or use the information contained in it. If you have received this mail in error, please tell us immediately by return email and delete the document. E-mails to and from the company are monitored for operational reasons and in accordance with lawful business practices. The contents of this email are those of the individual and do not necessarily represent the views of the company. The company accepts no responsibility once an e-mail and any attachments is sent. -----Ursprüngliche Nachricht----- Von: vijay vikram shreenivos [mailto:karpagamekapali@;rediffmail.com] Gesendet: Samstag, 2. November 2002 08:15 An: [EMAIL PROTECTED] Betreff: Smurf ,land attacks Hi list, Can someone give the EXACT differences btw SMURF LAND and IP soofing attacks. karpagamekapalidurgau __________________________________________________________ Give your Company an email address like ravi @ ravi-exports.com. Sign up for Rediffmail Pro today! Know more. http://www.rediffmailpro.com/signup/