Penetration Testing mailing list archives
Re: Tool for source routing
From: ian.vitek () ixsecurity com
Date: Sun, 10 Jun 2001 12:24:50 +0100
I have to say something about my presentation at defcon last year. The source routing examples in the presentation are based on the Linux 2.0 kernel. In the 2.0 kernel it was just to disable "drop source routed frames" and enable "forwarding" when compiling the kernel. It is not just to set /proc/sys/net/ipv4/conf/all/accept_source_route to 1 and /proc/sys/net/ipv4/ip_forward to 1 in the 2.2 and 2.4 kernel. I think you have to compile the kernel as "advanced router" and set /proc/sys/net/ipv4/conf/all/rp_filter to 0. I do not have the time to get the exact configuration, but I am sure this will help. And remember, this configuration is not secure! This configuration should only be set on pen-test computers. One last thing on defcon. I can not come this year. My wife and I are expecting a newborn the same time as defcon. Bad planning right? ;-) Well, there will be 6-8 people from iXsecurity this year. You can get drunk with them. If you mail rikard.carlsson () ixsecurity com he will send you the logo that iXsecurity will have on their t-shirts this year. Anders Ingeborn from iXsecurity will speak about small payloads on Windows at defcon. Small as in the comphack code: http://www.securityfocus.com/archive/1/156486 Enough defcon promotion ;-) Ian Vitek, iXsecurity In reply to "Jason Witty, CISSP" <jason () wittys com>
Ian Vitek did a pretty good presentation on IP spoofing and source routing last year at defcon. His slides can be found at http://www.wittys.com/files/defcon_vitek.ppt . His examples are based on using netcat and simple ifconfig tricks, to fully source route the packets. Hope this helps. Jason
Current thread:
- Tool for source routing Franklin DeMatto (Jun 03)
- Re: Tool for source routing Dug Song (Jun 03)
- Re: Tool for source routing Ryan Russell (Jun 03)
- Re: Tool for source routing Andrew Brown (Jun 03)
- Re: Tool for source routing Marius Huse Jacobsen (Jun 07)
- Re: Tool for source routing Dario Ciccarone (Jun 10)
- Re: Tool for source routing Jean-Christophe Touvet (Jun 05)
- Re: Tool for source routing Jason Witty, CISSP (Jun 08)
- <Possible follow-ups>
- Re: Tool for source routing ian . vitek (Jun 10)