IP-spoofing and source routing connections with Linux 2.0.X

Presented at DEF CON 8 (2000), July 29, 2000, 1 p.m. (50 minutes)

The speech will discuss hacking firewalls and filtering routers by spoofing IP and MAC-addresses. Two different spoofing techniques will be presented. Ian will first talk about what to eavesdrop (with siphon, dsniff and tcpdump) and what kind of information one will need for these examples to work. Secondly Ian will show how to set up a working source route (full connection) with netcat through a filtering router. Then Ian will show how to set up the network on a Linux to be able to IP-spoof (with full connection) through a firewall if you sit on a untrusted network, U, between a trusted network, A, and the server, S. Both examples will be explained step by step.

Presenters:

• Ian Vitek - penetration tester at Infosec
  Ian Vitek works as a full time penetration tester at Infosec, Sweden (The page is in swedish). He is right now researching within Media Access level security and LDAP security (which is a big unexplored hole). He also thinks that modems are underestimated hacker tools.

Links:

• https://defcon.org/html/defcon-8/defcon-8-post.html#IanVitek
• https://www.youtube.com/watch?v=zwoY6ER63Sw