----- Original Message -----
From: "Christian Cantrell" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Friday, May 30, 2003 2:05 PM
Subject: Re: Block Competitors from Web site
> On Wednesday, May 28, 2003, at 03:52 PM, Andre Turrettini wrote:
>
> > Can someone educate me on how you would spoof an ip and then get back
> > content.
>
> I used (or misused) the term "spoof" to mean making the server believe
> that your IP address is different from what it really is. The only way
> I actually know how to do this is by using a proxy, or by tunneling
> requests through another server (which is just another kind of proxy).
> As you point out, spoofing your IP address is not as simple as spoof
> your user agent.
>
> Christian
For everyone's benefit -- ip spoofing definition
IP Spoofing is the technique used by intruders to gain access to a
Network by sending messages to a computer with an IP address indicating that
the message is coming from a trusted host. To engage in IP spoofing, a
hacker must first use a variety of techniques to find an IP address of a
trusted host and then modify the packet headers so that it appears that the
packets are coming from that host. As Routers use the "destination IP"
address in order to forward packets through the Internet, but ignore the
"source IP" address which is only used by the destination machine when it
responds back to the source. These attacks exploit applications that use
authentication based on IP addresses.But this attack does not involve source
routing.There's a common misconception that "IP spoofing" can be used to
hide your IP address while surfing the Internet, chatting on-line, sending
e-mail, and so forth but this is generally not true. You cannot create a
normal network connection by forging the source IP address as the response
will be misdirected.However, IP spoofing is an integral part of many network
attacks that do not need to see responses (blind spoofing).
With the current IP protocol technology, it is impossible to eliminate
IP-spoofed packets. The best way to to eliminate IP spoofing attacks is to
install a filtering router that restricts the input to your external
interface by not allowing a packet through if it has a source address from
your internal network. In addition, you should filter outgoing packets that
have a source address different from your internal network to prevent a
source IP spoofing attack from originating from your site.The combination of
these two filters would prevent outside attackers from sending you packets
pretending to be from your internal network. It would also prevent packets
originating within your network from pretending to be from outside your
network.
from
http://searchnetworking.techtarget.com/ateQuestionNResponse/0,289625,sid7_cid451877_tax287058,00.html
Regards,
John Paul Ashenfelter
CTO/TransitionPoint
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4
Subscription:
http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Your ad could be here. Monies from ads go to support these lists and provide more
resources for the community.
http://www.fusionauthority.com/ads.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
