Re: Req: info on IP range popup ad software supposedly called "Extreme Marketing"

From: LXIX (post_replys_please@this.address.is.invalid)
Date: 12/31/02


From: "LXIX" <post_replys_please@this.address.is.invalid>
Date: Tue, 31 Dec 2002 02:05:19 GMT

Rich wrote:
> "Joe Schmoe" <nomail@forme.com> wrote in message
> news:pan.2002.12.31.01.05.40.224115@forme.com...
>> On Tue, 31 Dec 2002 00:33:01 +0000, LXIX wrote:
>>
>>> Joe Schmoe wrote:
>>>> On Mon, 30 Dec 2002 21:07:35 +0000, Todd Knarr wrote:
>>
>> <snipped>
>>>> Let's say a spammer has a cable modem and his IP is 66.186.5.20 and his
>>>> ISP is filtering packets and dropping illegal addresses. All he has to
>>>> do is to spoof the IP with a valid one, say 66.186.5.21; it is a legal
>>>> address that will pass the filter but not point back to him.
>>>
>>> That won't work if the router is configured properly. It's going to see
>>> an inbound packet from the internet side
>> <snipped>
>>
>> Why would it be inbound? I'm talking about generating a valid IP that
>> exists within your own subnet that will pass an outbound filter. The
>> machine generating the packet AND the spoofed IP are both on the same
>> subnet controlled by the same router.
>>
>> Joe
>>
>
> To leave the subnet under another IP the client PC would either have to
> generate an ARP packet or it would have to use the same MAC as the existing
> IP address they intend to use. The former is not possible if the ARP table
> is manually hard-coded or controlled by an external add-on device (can be
> done with some SNMP-based products). The latter might work though.

Yea. My bad, I parsed the question wrong. However, in terms of cable modems
it still shouldn't work. Unless the modem knows your MAC and has assigned an IP
it won't route packets out. Not sure about DSL though.

FWIW, the Linksys BEFSX41 will let me change the "outside" MAC address.
Been toying with changing it to some sort of real old Sperry system. :)
http://www.cavebear.com/CaveBear/Ethernet/vendor.html

For some reason I was still fixated on the spoofing inbound.

I blame it on lack of coffee. yea..
--LXIX--
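
The filtering discussed in this thread, as an added example that is not part of any poster's message: a prefix-only egress filter compared with a per-modem IP/MAC lease check of the kind LXIX describes for cable modems. The /24 prefix length, the modem names, the MAC addresses and the lease table are all constructed assumptions for illustration.

```python
import ipaddress

# Assumption: a /24 around the two addresses used in the thread.
CUSTOMER_NET = ipaddress.ip_network("66.186.5.0/24")

# Constructed lease table: modem/port id -> (assigned IP, registered MAC).
LEASES = {
    "modem-A": ("66.186.5.20", "00:11:22:33:44:20"),
    "modem-B": ("66.186.5.21", "00:11:22:33:44:21"),
}

def prefix_only(src_ip):
    """Egress filter that checks only that the source is in the prefix."""
    return ipaddress.ip_address(src_ip) in CUSTOMER_NET

def source_guard(port, src_ip, src_mac):
    """Per-port check: source IP and MAC must match the lease on that port."""
    lease = LEASES.get(port)
    if lease is None:
        return "drop: no lease on this port"
    if not prefix_only(src_ip):
        return "drop: source outside prefix"
    assigned_ip, registered_mac = lease
    if src_ip != assigned_ip:
        return "drop: IP not assigned to this port"
    if src_mac.lower() != registered_mac:
        return "drop: MAC not registered on this port"
    return "forward"

# Constructed frames: (port, source IP, source MAC).
FRAMES = [
    ("modem-A", "66.186.5.20", "00:11:22:33:44:20"),  # legitimate
    ("modem-A", "66.186.5.21", "00:11:22:33:44:20"),  # neighbour's IP
    ("modem-A", "66.186.5.21", "00:11:22:33:44:21"),  # neighbour's IP and MAC
    ("modem-A", "10.0.0.1", "00:11:22:33:44:20"),     # outside the prefix
]

if __name__ == "__main__":
    for port, ip, mac in FRAMES:
        print(f"{port} {ip:<12} {mac}  prefix_only={prefix_only(ip)!s:<5} "
              f"source_guard={source_guard(port, ip, mac)}")
```

The prefix-only filter accepts the second and third frames, while the per-port lease check drops both because the binding is tied to the modem the frame arrived on rather than to the MAC alone.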


