Penetration Testing mailing list archives
Re: IP Spoofing/Masquarading
From: Fabien Vincent <fabvincent () gmail com>
Date: Wed, 9 Sep 2009 21:12:26 +0200
Hi all, I'm not sure about what you want to do, but check cisco.com functionnalities for ISP routers. This kind of ACLs seems not to be a default config ! If you have NAT, for sure equipment in charge of MAP addresses and ports replace your private address by the public interface address, even if it's not classified as an RFC1918 and others specific addresses. But if you can spoof L3 with success whil using RFC1918 with ISP routers, I want to see it ! Most of them have for sure one Cisco in their network, and just for the example, they normally advised about ACL for RFC1918 and RFC3330 http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801a1a55.shtml Check about BGP and routing process, I'm not really close to BGP routing, but it will be probably dropped by some security equipements or ACLs? Regards , Fabien VINCENT ------------------------------------------------------------------- On Wed, Sep 9, 2009 at 10:16, M.D.Mufambisi<mufambisi () gmail com> wrote:
So can someone explain ip spoofing in the sense that a packet may be spoofed to make it appear as if it originated from the internal lan yet it did not. I need an explanation of how it works and how the packet is structured. regards MD On 9/9/09, Dan Howerton <danny.howerton () gmail com> wrote:M.D. - The packet wont get to the internet. The moment your ISP sees it, it will be dropped. On Wed, Sep 9, 2009 at 12:19 AM, M.D.Mufambisi <mufambisi () gmail com> wrote:I understand that IP packets can be spoofed ie change the source address to make it look like they originated from the internal LAN. However, when this is done across the internet, with a private IP address in its source field, how does this packet get routed through the internet? Kind Regards ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org -------------------------------------------------------------------------- Dan Howerton http://metacortexsecurity.com GPG key: 10F5DDA5------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading Gerardo Castillo Alvarado (Sep 09)
- RE: IP Spoofing/Masquarading Erik Soosalu (Sep 09)
- Re: IP Spoofing/Masquarading Chris Brenton (Sep 09)
- RE: IP Spoofing/Masquarading David_Falloon (Sep 09)
- Re: IP Spoofing/Masquarading Robert Portvliet (Sep 09)
- Re: IP Spoofing/Masquarading James Bensley (Sep 09)
- Message not available
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading Fabien Vincent (Sep 09)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading Gerardo Castillo Alvarado (Sep 09)
- Re: IP Spoofing/Masquarading Marco Ivaldi (Sep 09)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading matteo filippetto (Sep 09)
- Message not available
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading Sebastiaan (Sep 09)
- Re: IP Spoofing/Masquarading Jared Curtis (Sep 09)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading aditya mukadam (Sep 09)
- Re: IP Spoofing/Masquarading R. DuFresne (Sep 09)
- RE: IP Spoofing/Masquarading Erik Soosalu (Sep 09)
- Re: IP Spoofing/Masquarading Samuel Korpi (Sep 09)