*BSD News Article 51678


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!news.kei.com!news.mathworks.com!tank.news.pipex.net!pipex!dispatch.news.demon.net!demon!palmer.demon.co.uk!palmer.demon.co.uk!not-for-mail
From: gary@palmer.demon.co.uk (Gary Palmer)
Newsgroups: comp.unix.bsd.freebsd.misc,comp.protocols.tcp-ip
Subject: Re: Faking Source IP Addresses?
Date: 26 Sep 1995 02:03:01 +0100
Organization: none
Lines: 19
Message-ID: <447jg5$1v3@palmer.demon.co.uk>
References: <43te4l$ug@galaxy.ee.rochester.edu> <440kbd$hvj@uriah.heep.sax.de>
NNTP-Posting-Host: pc.my.org
X-NNTP-Posting-Host: palmer.demon.co.uk
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:6441 comp.protocols.tcp-ip:39147

In article <440kbd$hvj@uriah.heep.sax.de>,
J Wunsch <j@uriah.heep.sax.de> wrote:
>iijppp does it, i think.

Umm. That's partly true, I suppose. All iijppp does is send data up into
the kernel via the tun device, and send data it receives out via the
defined serial line, presumably to a modem or to another computer.

If you are talking about doing it on ethernet, you'll need access to
the bpf devices in /etc to write raw packets out. That's probably
the best way to do it, but also a massive security hole as any user level
process on the machine could open the device and do it.

Gary

-- 
FreeBSD Core Member
E-Mail: Gary@Palmer.Demon.co.uk, gpalmer@FreeBSD.org