What do you have in mind. Knowing that would help to give a suitable answer.
spoof source ip
I'm contemplating the best way to spoof the source ip of all outgoing packets. An ettercap or scapy filter? Any suggestions on the best way to accomplish this?
What do you have in mind. Knowing that would help to give a suitable answer.
Tiocfaidh ár lá
I want all return traffic sent to another machine.
Out of curiosity for which purpose?
Tiocfaidh ár lá
Hmm....only one purpose comes to my mind............Originally Posted by KMDave
Don't eat yellow snow :rolleyes:
We're still lacking detail. What type of traffic? How will the initial (outbound from your machine) traffic be generated? etc.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
detail
All in the detail.
An attempt to 'spoof' source IP addresses only without further crafting or control will result (if successful) in meaningless IP packets arriving (without foreward knowledge) at a second machine.
A bit like ordering a box of oranges and telling the supplier that the order was from the house next door. They will probably be delivered but the owner would not expect them!
Maybe perhaps what you want to achieve is an elementary man-in-the-middle attack!
Lux sit
Well, the best way is to use netfilter with the SNAT directive.
All your outbound traffic will be "NATed" with the IP address you specified.
how can get this tools?
It's included in backtrack.
The command for managing netfilter rules is iptables.
You can have all details in the man pages, SNAT section.
Thousands of examples are available on the web, juste google and search for iptables SNAT.
You may also be interested in tools like hping (-a option) depending on what you want to do.
Posting Permissions