Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: spoof source ip

  1. #1
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    3

    Default spoof source ip

    I'm contemplating the best way to spoof the source ip of all outgoing packets. An ettercap or scapy filter? Any suggestions on the best way to accomplish this?

  2. #2
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    What do you have in mind. Knowing that would help to give a suitable answer.
    Tiocfaidh ár lá

  3. #3
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    3

    Default

    I want all return traffic sent to another machine.

  4. #4
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    Out of curiosity for which purpose?
    Tiocfaidh ár lá

  5. #5
    Member hawaii67's Avatar
    Join Date
    Feb 2006
    Posts
    318

    Default

    Quote Originally Posted by KMDave View Post
    Out of curiosity for which purpose?
    Hmm....only one purpose comes to my mind............
    Don't eat yellow snow :rolleyes:

  6. #6
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by opeth327 View Post
    I want all return traffic sent to another machine.
    We're still lacking detail. What type of traffic? How will the initial (outbound from your machine) traffic be generated? etc.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  7. #7
    Member imported_blackfoot's Avatar
    Join Date
    Jun 2007
    Posts
    386

    Default detail

    All in the detail.

    An attempt to 'spoof' source IP addresses only without further crafting or control will result (if successful) in meaningless IP packets arriving (without foreward knowledge) at a second machine.

    A bit like ordering a box of oranges and telling the supplier that the order was from the house next door. They will probably be delivered but the owner would not expect them!

    Maybe perhaps what you want to achieve is an elementary man-in-the-middle attack!
    Lux sit

  8. #8
    Just burned his ISO dmsr66's Avatar
    Join Date
    Dec 2008
    Posts
    3

    Default

    Well, the best way is to use netfilter with the SNAT directive.

    All your outbound traffic will be "NATed" with the IP address you specified.

  9. #9
    Just burned his ISO
    Join Date
    Jan 2009
    Posts
    3

    Default

    Quote Originally Posted by dmsr66 View Post
    Well, the best way is to use netfilter with the SNAT directive.

    All your outbound traffic will be "NATed" with the IP address you specified.
    how can get this tools?

  10. #10
    Just burned his ISO dmsr66's Avatar
    Join Date
    Dec 2008
    Posts
    3

    Default

    It's included in backtrack.
    The command for managing netfilter rules is iptables.

    You can have all details in the man pages, SNAT section.

    Thousands of examples are available on the web, juste google and search for iptables SNAT.

    You may also be interested in tools like hping (-a option) depending on what you want to do.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •