Penetration Testing mailing list archives

Re: Tool for source routing

From: "Jason Witty, CISSP" <jason () wittys com>
Date: Thu, 07 Jun 2001 20:00:03 -0500

Ian Vitek did a pretty good presentation on IP spoofing and source routing
last year at defcon.  His slides can be found at
http://www.wittys.com/files/defcon_vitek.ppt .  His examples are based on
using netcat and simple ifconfig tricks, to fully source route the packets.
 Hope this helps.

Jason

At 01:30 AM 6/3/01 -0400, Franklin DeMatto wrote:

Can anyone suggest a good tool to perform ip addr spoofing via source

routing?


That is, it should replace the source addr with a spoofed one, and add the 
real one as a source route.  It must also forward the recieved packets, 
since their dest addr will be the spoofed one.

It should ideally be able to sit in between other apps, both ones that use 
connect() and ones that use raw sockets, and modify the IP packets to 
source route.  This would allow use of preexisting tools without 
rewrite/recompilation.

BTW, I'm mainly interested in using it on Linux 2.2 systems.  If this can 
be done with ipchains, could someone suggest how?

Franklin DeMatto
franklin () qDefense com
qDefense - DEFENDING THE ELECTRONIC FRONTIER

Current thread:

Tool for source routing Franklin DeMatto (Jun 03)
- Re: Tool for source routing Dug Song (Jun 03)
- Re: Tool for source routing Ryan Russell (Jun 03)
  - Re: Tool for source routing Andrew Brown (Jun 03)
  - Re: Tool for source routing Marius Huse Jacobsen (Jun 07)
    - Re: Tool for source routing Dario Ciccarone (Jun 10)
- Re: Tool for source routing Jean-Christophe Touvet (Jun 05)
- Re: Tool for source routing Jason Witty, CISSP (Jun 08)
- <Possible follow-ups>
- Re: Tool for source routing ian . vitek (Jun 10)