#IP

... mo otro SO, podemos engañar totalmente a Nmap en su intento de adivinar remotamente nuestro SO. Al ejecutar iplog, observamos los resultados: voodoo:~#IPlog -o -L -z -i eth0 Las opciones son las siguientes: -o (quédate en primer plano), -L (resultados a la salida estándar), -z (engaña a Nmap), -i eth0 (escucha en eth0). Si ejecuto un Nmap contra la máquina, iplogempieza a escribir un montón de información a la salida estándar, sobre todas las conexiones establecidas, e incluso sobre qué tipo de scan está siendo llevado a cabo; he incluido sólo la información relevante sobre la identificación de SO de Nmap en la salida de iplog Feb 20 13:20:54 TC ...

... lt;=4;$x++){ #Cada datagrama tera uma porta de origem diferente @tmpport = (739,666,2001,3055,8000); $packet->set({ ip => { saddr => $iface, #IP de orgiem (arbitrario) daddr => $server #IP de destino (server) }, udp => { source => $tmpport[$x], #Vetor para cada uma das 5 portas de origem dest => 80, #porta 80 de destino, geralmente aceita (web) len => 5, data => $send_data #data (string) } }); $packet->send(0,1); #envia o datagrama -------------- code ---------------- 6.2. The Client Socket Simple, isn't it? The datagram is generated and sent to the destination address. Let's go to the second part of the cli ...

... nfiguration debugging # Bit0: show all commands, bit1:don't execute anything IP6DEBUG=0 ## IPv6 network configuration? {yes|no} IP6NETWORKING=yes #IP6NETWORKING=no # Take information from the file IP6INTERFACEFILE=/etc/sysconfig/network-ip6.conf ## Gateway network configuration # for i.e. routing IPv6 packages over local IPv6 routers # similar to the default gateway in IPv4) # Allow gateway configurations {yes|no} IP6GATEWAYCONFIG=yes #IP6GATEWAYCONFIG=no # Take information from the file IP6ROUTEFILE=/etc/sysconfig/network-ip6.conf # Allow forwarding option, host is a router {yes|no} IP6FORWARDING=yes #IP6FORWARDING=n ...

... 00.200.0 0.0.0.255 any Despues de que los filtros fueron creados, aplicariamos la interface hacia dentro de nuestra red interna: Router*config/if(#IP access/group 112 in Si asumimos que la interface es Ethernet 0 (eth0) podriamos pegar este script del global configuration mode: access-list 112 permit ip 200.200.200.0 0.0.0.255 any int eth0 ip access-group 112 in exit exit show running Con esto hemos logrado que nuestro filtro que acabamos de crear solo deje pasar los paquetes que provienen del rango 200.200.200.0 y si provenieran de otra direccion IP, los descarte. 6.- Conclusion -------------- El mayor problema de esta ataque es consecu ...

... d/rc.local pis ajoute ces lignes la: ipchains -P forward DENY #default rule, we deny EVERYTHING ipchains -A forward -s 192.168.1.0/24 -j MASQ #IPmasquerading rule ^^^^^^^^^^^ adresse IP LOCALE DU RÉSEAU correspondant a eth1 ou eth0:0 genre. l'adresse ip de la carte ici pourrait varier de 192.168.1.1 à 192.168.1.254. Bon ben naturellement, tu adapte l'adresse ip avec celle que ta choisi (souvent 192.168.1.0 ou 192.168.0.0) --> tout dépendement de l'ip de la carte locale. bon si ca c fait, pis ya pas de message d'erreur, t un king. il reste juste a configurer ta Winblows Box !! ok, la ma faire ca vite. dans les setting tcpip de win9x ou NT ...

... homo BladeX, you was warned! ^^ # -- WOW, I NEVER KNEW THERE WERE JEWISH HOMOSEXUALS. | channels : @#netelligent @#efnet.org @#efnet @#I.AM.CANADIAN @#IP-man @#canuck | server : irc.efnet.nl (Hax Pax Deus Adimax) shattah 218.218.218.218 actually using host : idle : 0 hours 2 mins 20 secs (signon: Sun Aug 17 09:29:12 2008) <imm0rt4l> hah bladex: No such nick/channel blade: No such nick/channel >>> You(imm0rt4l) are now known as immortal Signon by immortal!root@your.servers at 09:33am immortal [root@your.servers] has joined #efnet.org [Users(#efnet.org:3)] [ immortal ] [ jack- ] [@shattah ] Channel #efnet.org was created at Sun Aug 17 ...

... N devono #essere fatti saltare (ulteriore protezione antispoof). if ( ! grep "^$1=\|^$2=" /etc/udplog-dontkill.conf >/dev/null); then #IPfwadm ... fi rm -f $LOGTEMP Altra soluzione: Sezione [Misc] (versione 1.7d/1.7e): script=/usr/local/bin/che/mi/frega/script-file Sezione [Rules] ...una regola che invochi "script x", x=modificatore a caso, se indifferente usare 'piano' ("script piano"). chmod +x /usr/local/bin/che/mi/frega/script-file (altrimenti non viene eseguito), e script-file nella forma: ##### (C) Leonardo Serni ##### #!/bin/sh # Let's play a sound cat  ...

... ;!!!!__```Pp```!"0`!kJU!hbub!qpmjdf__!l[" ... =lp{b?!jhvbmnfouf//!sjtb,gmbtift,dpo!vob!njojub!//!svmfb!nbt!rvf!efdjsmf!b!uvt!bnjhpuft!#IPbipip//!njsb!cpmp//!ftf!qfssp!tf!ftub!sf!qfstjhvjfoep!dporvf!nf!mp!wpz!b!dvmfbs# ... =lp{b?!mb!tdfob!tf!foesphb!njfousbt!fo!cvfopt!bjsft!vob!ufssjcmf!upsnfoub!tf!bwfdjob/// ... =lp{b?!mbt!tfdsfu!nffut!ejwjefo!b!mb!tdfof!dbsfub!ef!mb!foesphpob!z!qspwpdb!vob!tfsjf!ef!evfmpt!z!fogsfoubnjfoupt!nbsjujnpt ... =lp{b?!op//!mp!nfkps!tfsjb!btqjsbs!qjyfmft!fo!mb!sfbmjebe//!tfsjbt!vo!sf!tdfofs!fmjup!0!mjnbep!fmfduspojdbnfouf ... =tdbsbnv{?!op!jnqpsub//!mbt ...

... WMDO2>D''W7BQR?W)@>+ M@KCH$'/F<?X[V3*L#<)S!O<F@;DXW)D8TL_)8YP)'HCC_'<.PLE42`$"JA5N MI2\+M):@<MTPZ#F>58#IPK/`:%JR*%<&\X[#^>_8+L$I;AT>HK9X@3KQ(=\- MY^``*?!#C#UU(@0U14/8+!87J14]BR4/22<GP<G$;H^3?5C*(WX7:?0RB2C. M$*V,;IR0T\@*O$%:]#`Q,Y+[L0,F:<I9I:R`,<<&Y[^K.1T"9'M)6<5"B+,= M52:B+R;V!8WSWQ$[=-@DK,3X9>'JD=1L4").0VSP0!SRW_D>7":!4TRBJ1SD MEP=@8@QZF+JN5$BLD<()$2$Y.@M;B<OD%F">@3C_G5R"V)(95,+^*6]V/T6Q M-9X=G42RD:A%0C02=:\2C1>5Y42(@X_9=YS_'J>D(WE>A$1*4GP(FW&8IRA+ MN@"$K&.'D:3,G!I8%(M*I/OV9]"#?$<4QW,=R"#XM7& ...

... l/sbin | | # | | # Utilizza il comando whereis iptables , per scoprire dove | | # e' messo l'eseguibile ed utilizzare il path dato. | | # | | | | #IPTABLES=/sbin/iptables | | IPTABLES=/usr/local/sbin/iptables | | | | | | # Settings per le inferfacce ESTERNE e INTERNE per la rete | | # | | # Ogni rete Mascherata ha bisogno di avere almeno due interfacce. | | # Una interna ed una esterna. | | # | | # Per esempio, una internet potrebbe essere eth1 e quella esterna | | # eth0, nel caso di utenti modem come esterna si usera' | | # EXTIF="ppp0" | | # | | | | EXTIF="eth0" | | INTIF="eth1" | | echo " Interfaccia Esterna: $EXT ...