Can You Spoof IP Packets?
nweaver writes "Spoofed IP packets are still believed to be a significant problem for the Internet. But are they? The Spoofer Project is attempting to measure the problem. Apparently, 80% of the IP addresses measured no longer support spoofing! Their methodology is simple: have users download a client which attempts to spoof packets to the monitor. Using these packets, they can determine the filter rules. So everyone, download the client and help!"
Oh yes! Everyone download this executable from known IP Spoofers and run it. It won't root your system, we promise...
Even you can help the next generation of scammers find an ISP to call home!
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
...No.
Seriously, why would I want to participate in this?
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
My packets have spoof all over them! Anyone have a tissue?
This took out my wireless network on XP Home SP2 using Microsoft's wireless zero configuration tool for the software side of it. During the spoof portion of the test, all network connectivity halted and immediately reported that the wireless connection had disconnected.
Vehicle Stars used car search is my current project
Nearly 5 years ago, the great and all knowing Steve Gibson predicted that the raw sockets in Windows XP would allow packet spoofing that would bring down the internet with unstoppable DOS attacks.
So it must be true.
... or just run ethereal or tcpdump on your local machine to watch outgoing packets. Or just watch from your firewall. You are overcomplicating things. :) Or maybe you are just paranoid enough. ;)
These additional demands are met:
1. a free lollipop.
2. a car ride deep in the forest
The question is not can an IP be spoofed (yes, it can always be spoofed from somewhere), but rather from where can it be spoofed and to where can it be spoofed. You can spoof any IP address to another box on your local Ethernet segment -- there are no routers en route that can drop the packet. You probably cannot spoof an IP to someone on the other side of the world, but your ISP or your ISP's ISP can. In fact, you can spoof any IP to almost everywhere if you have a connection to one of the few core Internet routers.
The project basically is saying that home users cannot spoof IPs to their measurement server. That's well and good, but useless.
Home users no longer need to spoof IPs to hide the source of the attack (as in days past). Home users now are simply trojan/zombie boxes that are hiding the true source of the attack by using their own IP -- no spoofing required. Back when zombies were not a problem, attackers used spoofing to hide their true location; it is no longer required now that boxes can be 0wned with relative ease.
I don't see the point of this project.
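Added example, not part of the original thread or of the Spoofer Project's code: a small model of the point made in the comment above, that whether a claimed source address survives depends on which filtering routers sit between sender and receiver. The topology, hop names and prefixes are constructed (documentation address ranges), and the filter behaviour is assumed to be a simple per-interface list of allowed source prefixes.

```python
import ipaddress

# Constructed topology. Each hop is (name, allowed source prefixes);
# None means that router does no source-address filtering (assumption).
HOME_TO_REMOTE = [
    ("ISP edge router", ["198.51.100.0/24"]),  # customer-facing ingress filter
    ("ISP upstream", None),
    ("core router", None),
]
SAME_SEGMENT = []                       # no router between the two hosts
FROM_ISP_UPSTREAM = HOME_TO_REMOTE[1:]  # sender sits past the only filter


def first_drop(path, claimed_src):
    """Return the name of the first hop that drops the packet, or None if delivered."""
    src = ipaddress.ip_address(claimed_src)
    for name, allowed in path:
        if allowed is None:
            continue  # unfiltered hop forwards any source address
        if not any(src in ipaddress.ip_network(p) for p in allowed):
            return name
    return None


def report(path, sources):
    """Map each claimed source address to 'delivered' or the hop that dropped it."""
    return {s: first_drop(path, s) or "delivered" for s in sources}


if __name__ == "__main__":
    sources = [
        "198.51.100.7",    # the sender's real address
        "198.51.100.200",  # a neighbour inside the same filtered prefix
        "203.0.113.9",     # an unrelated address
    ]
    paths = [
        ("same segment", SAME_SEGMENT),
        ("home user to remote host", HOME_TO_REMOTE),
        ("sender upstream of the filter", FROM_ISP_UPSTREAM),
    ]
    for label, path in paths:
        print(label, report(path, sources))
```

The neighbour address inside the same /24 passes the edge filter, so the granularity of the filter prefix decides how much of the address space remains usable as a false source.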
...the other 20% of spoofable IP addresses are reported to be in the possession of Weird Al Yankovic, who, according to US Attorney General Alberto R. Gonzales, is capable of spoofing damn near anything.
A full-blown investigation is under way to put an end to Weird Al's wild spoofing. Rap legend Coolio has pledged his support in these investigations.
Weird Al was unavailable for comment, but his assistant did pass along his official response, which was, "Mecha lecha hi, Mecha hiny hiny ho."
More at 11.
"You will pay for your lack of vision..." - Emperor Palpatine to Ray Charles
Apparently, 80% of the IP addresses measured no longer support spoofing!
Yes, but how many of those are unique IPs?
What?