Tutorial about Spoofing --- This Tutorial is written by M4k3
visit --- wwww.pldsoft.com
Security and Hacking Group

What is Spoofing?
Spoofing is a thought out method to the Authentification of a computer at another computer
assistance of falsified packets, which give, of another, trusted, appreciates senders to
come.

How does Spoofing function?
The fact, which must be called the Authentification on the basis the return address
unsatisfactory, makes actually IP-Spoofing still not yet possible. Why is like that? For
a connection somewhat more than only the correct IP address is necessary. More exactly
said, a complete dialogue between the computers is necessary.

The whole becomes somewhat more understandable, if one specifies the steps separately:

IP is responsible for the package transmission. The package transmission accomplished
via IP is unreliable. That is, there is no hundred percent warranty for the fact that
the packages arrive intact; Packages can be lost, damage etc. the substantial point
are: IP leads the packages from A to B. for this reason exists the first step with the
production of a connection to let the packages arrive intact with the correct host.

If the packages arrived only once, then TCP takes over. TCP is more reliable and covers
more functions for the integrity examination of the packages. This examination is
accomplished at each individual package. TCP confirmed for example only once the receipt
of a package and sends then a message afterwards that this package correctly received
and was correctly processed.

The examination of the packages runs off with TCP sequenziell. If e.g. five packages were
sent, then the packages are worked on of 1, 2, 3, 4 and 5 in the order their arrival. As
identification a number is assigned to each package, which use both host involved for
the error check and error message.

The aggressor sees himself thus now confronted with two problem: First of all it must
falsify the senders address and manufacture secondly with the goal host a sequence
dialogue. The latter makes the attack, on the used operating system, dependent to a
genuine challenge, because the sequence dialogue is not by any means arbitrary. The goal
host sets the ISN, and the aggressor must counter with the correct answer.

That makes the thing still for complication term, because the aggressor does not
have to guess the correct sequence answer, there he under any circumstances, really
packages of the goal host gets.

That sounds perhaps somewhat confusing, therefore I would like to describe the
proceeding more near. We proceed once from the following conditions:

The Cracker knows that host 192.168.1.1 and 192.168.2.2 stand to each other in a bond
of trust.

It plans an attack on 192.168.1.1.

For this reason it must camouflage itself as 192.168.2.2.

In order to camouflage itself as 192.168.2.2, it falsifies the IP address.

The problem thereby is, which all answers are actually sent by 192.168.1.1 at 192.168.2.2
(and not to the computer of the Crackers). For this reason the Cracker cannot observe
the package exchange - he is in the blind flight (therefore one calls this proceeding
also “blind” Spoofing). The “seeing” Spoofing is more practical, with which the aggressor
the data traffic can observe - about, because he is in the network section, in which the
data is exchanged.

Blind Spoofing represents a really difficult task for the aggressor. What happens, if our
host 192.168.2.2 answers to the packages of the goal host, while the aggressor wants to
accomplish sinen attack? In this case he could forget deb attempt, because the expected
sequence numbers would be void. It must accomplish thus before beginning of the attack
still another last additional step, sing i.e. 192.168.2.2 into the sleep.

One of many Mehoden would for example be that the Cracker bombards the computer
only with a tide of SYN inquiries.

After the connecting and Authentification are final must the Cracker a somewhat
more comfortable passage open, in order to be able to work on the system - it does not
want to have itself each mark again via Spoofing in obligations.

Thus he builds himself an entrance. The simplest possibility for this exists in the modification of
the.rhosts file; this is changed in such a way that the system meanwhile
accepts connecting inquiries of arbitrary place without Authentification.

Afterwards the Cracker separates the existing connection and manufactures a new.
It can announce itself now without password input and control the system as desired.

Copyright by PLDsoft.com

I only got to half way but this is riddled with gramatical errors and such and i was not able to follow. I think that alot of the information you a giving is useless, but as i can not understand it clearly I will not critisize your knowledge.

I can see that you are from germany but you should find someone to proof read your english texts before releasing them.

-toe

The basic idea was good, but the technical details about spoofing were kinda obsolete, now it's just basic theory and not very useful. Also, it could have been written in a more compact and understandable way, and as toe mentioned, without the grammar errors.

to spoof packets you will need administrator on win32 or root on linux to be able to create raw packets. Keep that in mind. Most routers used by ISPs and DC's at this time can detect spoofed packets and ignore them anyways.

They have completely disabled raw sockets on Windows XP Service Pack 2.

Are you sure? As I know you can use cain&abel for windows. it is really perfect

www.oxid.it just give a try

I believe you need Winpcap to run Cain & Abel?

It is winpcap that allows raw packets to be generated on Windows.
I don't know the technical details about how it all works.

This "tutorial" is hardly a tutorial, it doesn't really go into anything, it is just theory.

But I am sure at least a couple people might learn something from this.

AFAIK WinPap interacts with the actual network drivers to send out raw ethernet frames which it generates from your calls to use it for raw sockets, therefore bypassing the normal windows stack and avoiding the limitations it places on you.