Howitzer - 1/22/2005 8:36 PM
Kirk, your knowledge smells like a 1st year IT student.
I'm not going to post any links because the activity is illegal try a web masters website.
Just exactly what kind of analyzing do you do? My radar has been up for some time about you but your ignorance to IT has the red alert light flashing.
If anyone doens't know shit about IT, its you. You are obviously clueless to the difference between a network engineer and a database programmer, that's for sure.
This is the way science works pal - you made an assertion, now you provide something testable to either prove yours or disprove mine, that can be tested by people independent of the both of us. Your excuse it is "illegal" is a lie.
Try another link:
--[ IP-Spoofing is a 'Blind Attack' ]--
One often overlooked, but critical factor in IP-spoofing is the fact that the attack is blind. The attacker is going to be taking over the identity of a trusted host in order to subvert the security of the target host. The trusted host is disabled using the method described below. As far as the target knows, it is carrying on a conversation with a trusted pal. In reality, the attacker is sitting off in some dark corner of the Internet, forging packets puportedly from this trusted host while it is locked up in a denial of service battle. The IP datagrams sent with the forged IP-address reach the target fine
(recall that IP is a connectionless-oriented protocol-- each datagram is sent without regard for the other end) but the datagrams the target sends back (destined for the trusted host) end up in the bit-bucket. The attacker never sees them.
The intervening routers know where the datagrams are supposed to go. They are supposed to go the trusted host. As far as the network layer is concerned, this is where they originally came from, and this is where responses should go. Of course once the datagrams are routed there, and the information is demultiplexed up the protocol stack, and reaches TCP, it is discarded (the trusted host's TCP cannot respond-- see below). So the attacker has to be smart and know what was sent, and know what reponse the server is looking for. The attacker cannot see what the target host sends, but she can predict what it will send; that coupled with the knowledge of what it will send, allows the attacker to work around this blindness.
Now Mr. Genius, tell us how you are going to get around that? If your other IP is a valid IP, the only way you are going to access the returned pages is by running a different session on your computer with that address - a vaild address that can be tied to you, not a "spoof" that hides your identity, and if you are trying to get around IP blocking, a pretty damn dumb set up considering the fact it only takes about five minutes to set up a new login under your new IP anyway.