Subject: Spoofing and routeing and other issues WAS Problesm with sendmail
From: shortpier (shortpier@shortpier.is-a-geek.com)
Date: Fri Nov 14 2003 - 07:03:33 AKST
I first started using ipmasq in 1995 On dialup connects and back then
the firewall rules were a mother to figure out (I made a few mistakes
and was routeing private IPs to the internet a couple of times, one time
my server was masqing all internet traffic back to my local net.....
That one was a doosey....)
I have seen several bad Nat/firewall setups on the cable modem
system....
Connected directly to the cable modem (gci) got the GCI IP.. then I
would alias my eth0 and give it private IP space (same nick, same
wire)... Then I would run tcpdump on the private IP alias... Funny as
hell the traffic I would pick up.. Juneau Public libary system was one,
plus several other business. Main prob I found that was causeing that
was people would plug in a NT4 Proxy box into their LAN and then plug
the cable modem into the same segment..... You had to be expliclty
looking on the subnet to capture data but you could.
One way I would find them is I would lookin network neiborhood on
Windows 98 and 2k at the time and I would see several workgroups...
they would show all the machines in the workgroup/domain yet I could
not see em.
You guys on cable modems ought to try the alias ... I found that useing
class b and class a gave me the most info.
Shortpier
---- Attached file included as plaintext by Listar -- -- File: signature.asc -- Desc: This is a digitally signed message part
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQA/tPzUNyWzwlj5xp4RAptWAJwMJX383UrdjhnpkcTRtb0dMyew8QCfdtBh 2JVowhDHf4u7vZN89vAompg= =dVWI -----END PGP SIGNATURE-----
--------- To unsubscribe, send email to <aklug-request@aklug.org> with 'unsubscribe' in the message body.
This archive was generated by hypermail 2a23 : Sun Nov 16 2003 - 00:37:15 AKST