Re: My spoof packet =?iso-8859-1?Q?don=B4t?= pass through the LINUX/NT

Fri, 11 Feb 2000 07:27:33 -0800 


Sorry, in the IP Header.

Javier Romero wrote:

> Well,
>
> I can answer myself.
>
> The wrong with my spoof packet was the Checksum in the IP Header.
>
> Regards,
>
> Javier Romero.
>
> Build a spoof packet is very easy.!
>
> Javier Romero wrote:
>
> > Hi folks,
> >
> > I have worked very hard, testing and testing what is my wrong.
> > I have used a ICMP ping packet (1442 bytes of size) changing the source
> > IP address by the broadcast IP address of the target network address.
> > Well, I changed my method:
> > 1st.
> > IP SRC= *.*.*.255
> > 2nd.
> > IP SRC= *.*.*.33 (the gateway of the target host)
> > 3rd.
> > IP SRC= *.*.*.22 (the same IP add of the target host).
> >
> > Well, I used the SNIFFER Pro running on Windows 95.
> >
> > I am testing a equipment based-on Linux (using IPFWADM).
> > BTH, Does anybody know what is the content normal of the IPFWADM�s
> > files, like as:
> > /proc/net/ip_acct
> > /proc/net/ip_input
> > /proc/net/ip_output
> > /proc/net/ip_forward
> > /proc/net/ip_masquered
> >
> > Build in Linux release 4.0 Kernel 2.0.34 (where IPFWADM don�t mesh with
> > IPCHAINS). This is a equipment called Cobalt www.cobalt.com.
> >
> > When I see if my Linux Cobalt is using rules, with cat ip_*, cat
> > etc,etc.... But I find with hEXadecimal content.
> >
> > I guess that I must install Linux 4.0 and display these files.
> >
> > -----
> >
> > I test the same packets in a another scenario in a NT MAchine 4.0 using
> > IPForwarding, but the packets didn�t pass through the NT (when I had
> > used spoofing, but not when I used normal packets)
> >
> > I used SNIFFER PRO all time.
> >
> > Please, If you know what is the error in my packet?
> > I will try send you as *.cap file (to Sniffer of NAI)
> >
> > TIA
> >
> > Javier Romero
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to