On Wed, 2 Jul 2003, Hanuska Ivo wrote:
> Is it possible to forge my IP address?
yes look at tools hosted at www.packetfactory.net they will accomplish
this for you or take a look at Unix Network Programming by Richard Stevens
if you can get ahold of it there is a good section on Raw Sockets(for
programmers though). Also
here is an introduction to spoofing on securityfocus
www.securityfocus.com/infocus/1674 not the best but all right.
>Imagine situation that I am connected with some sort of link (not
>Ethernet like device, there is answer simple, just use ARP manipulation
>methods)
Not quite sure what you are saying? if your not connected via Ethernet you
can
still forge your packets but Adress Resolution Protocol(ARP) is used to
map hardware adresses(MAC's) to ip addresses, you can trick other
computers with ARP into thinking your MAC is that of another ip but this
is not the only way to forge packets in fact if you are forging packets
and then sending them to ip's outside your network the MAC address does
not matter.
>possibly by modem to Internet and I want to forge my IP address
>(so I do want to pretend, that my IP address is different that really
>is).
Most modems that I have seen use ppp(peer to peer protocol?) which does
not
use ARP at all, and can also be forged but the packet will then be
encapsulated into ppp.
>
> Is there somewhere some information about such a procedure and how to protect my
> resources from connections from such forged IP address?
Good books if you want to get into it are TCP/IP Illustrated, and Unix
Network Programming, if you are not that interested read the above sec
focus paper for a brief run down. Good luck.
>
> Thank you all,
hope this helps
john fastabend
---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
