Na spoof na kita -- IP Spoofing

[ Show ]

Support VoyForums

[ Shrink ]

VoyForums Announcement: Programming and providing support for this service has been a labor of love since 1997. We are one of the few services online who values our users' privacy, and have never sold your information. We have even fought hard to defend your privacy in legal cases; however, we've done it with almost no financial support -- paying out of pocket to continue providing the service. Due to the issues imposed on us by advertisers, we also stopped hosting most ads on the forums many years ago. We hope you appreciate our efforts.

Show your support by donating any amount. (Note: We are still technically a for-profit company, so your contribution is not tax-deductible.) PayPal Acct: Feedback:

Donate to VoyForums (PayPal):

[ Login ] [ Contact Forum Admin ] [ Main index ] [ Post a new message ] [ Search | Check update time ]

[ Next Thread | Previous Thread | Next Message | Previous Message ]

Date Posted: 08:08:27 08/26/04 Thu
Author: khonamekhi.com
Subject: Na spoof na kita
In reply to: zerash 's message, "Knowledge?..." on 11:51:45 07/05/00 Wed

>Clownz,
>Your site is complete and utter trash. Do the whole
>"net" community a favor and take this site off the
>net. Sites like this just make the net such a garbage
>place like it is nowadays. Most of your site contains
>just outdated information which can't be used anymore
>anyway. For example your "elite" Email Spoofing
>section - 1st off, sending anonymous e-mail has
>absolutely nothing to do with spoofing. If you'd have
>only the slightest clue on what spoofing really is and
>how it is achieved, you would maybe understand how
>silly sounds "e-mail spoofing" (Spoofing is when
>attackers authenticate one machine to another by
>forging packets from a trusted host. Main spoofings
>methods are IP, ARP and DNS. IP and ARP are pretty
>much the same since they both concentrate on
>authenticating on a machine which runs on some type of
>R services ( rlogin, rsh, rcp and rcmd), which specify
>remote hosts and users that are considered "trusted".
>Trusted users are allowed to access the local system
>without supplying a password. t seems that it would be
>easy to defeat such a flaw, but actually not, since
>the two hosts have to have a common means of verifying
>that data is in fact being transfered cleanly./ So you
>have to "guess" sequence numbers, to establish a
>connection. Nowadays, TCP sequence prediction is
>really hard to achieve since most os's now use "random
>positive increments" ( Quoted from Fyodor's network
>mapper tool). So all in all it is really hard to
>spoof, and I hope you now realize that the name "email
>spoofing" is just plain dumb). 2nd off, the text you (
>most probably someone else) has written about writing
>anonymous e-mails from sendmail powered SMTP servers,
>is just plain old and doesn't involve any skills, nor
>knowledge. Also this technique won't work on most
>servers anymore, since that was only a problem with
>sendmail, and since sendmail's complexity does make it
>difficult to secure it, people just turned to
>different mail transport agents like let's say Qmail -
>which was built with security in mind and is really
>hard to penetrate. And all your silly methods of
>"email spoofing" won't work anymore, since 95% have
>either turned away from sendmail or have succesfully
>patched sendmail (God bless them).
>Another great example of your sites stupidity would be
>the section called "telnet ports". If you'd show this
>site to anybody with any knowledge about networking,
>he'd break out laughing. You call normal ports "Telnet
>ports"? Each port is represented for a different
>service, and only one is used for telnet, 23 that
>would be. You can telnet to other ports and you'll
>maybe even receive a string from it, but that's about
>it, you won't be able to do anything else since each
>port will pretty much require to use a client needed
>exactly for the service to reply to, in which case
>telnet can't do anything. A great example would be
>port 113/tcp the auth port, you can connect to it (if
>that service is running) but that's about it, it's
>going to sit there, and do nothing, since telnet isn't
>the right client for this service and it can't respond
>with the right packets (over the net)/strings
>(localhost) to the service. Plain logics. So just
>because you can telnet to a few ports doesn't mean you
>call ports now "Telnet ports"... I hope you realize
>how silly that sounds. And that goes pretty much for
>the rest of your site. It's completely disorganized,
>it has no quality material. Ahh i just have to add
>this - you talk about knowledge, - you say, you don't
>know how far you'd be now if you wouldn't have your
>friends who have taught you "everything you know ".
>Ok, your "filez" section. Trojans? That's your
>knowledge? Well let me tell you this - when you learn
>a programming language ( and I am not talking about
>your kiddy Windows programming crap), write some
>programs, devote your time to open source public,
>learn to use another OS besides Windows, than talk
>about knowledge. Till than it'd just be better if you
>take this site off the net. Go install some *nix type
>of OS, let's say Linux for a great example.
>Learn everything you can. Pick up a few programming
>books ( Shell scripting, python, C etc.), networking ,
>administration books, and as I said before - learn
>everything you can. And than go talk about knowledge...
> Another thing I'd just like to add - this isn't a
>flame - I've stopped doing that allready many years
>ago, and flaming just get's you nowhere. Accept this
>how you want - it would go most closely to positive
>criticism (sp?). If you'd like to have a chat and are
>interested in a few of these issues, feel free to
>email me at:
>zerash@slack.net or catch me on usenet (around
>security - comp.security.unix, comp.os.linux.security
>, comp.os.linux.administration etc.). IRC, sometimes
>visit Efnet #ae , #messedup, #unixgods, but that's not
>the way to catch me...
> Till than,
> Best Regards,
> Daniel

[ Next Thread | Previous Thread | Next Message | Previous Message ]

Replies:

Re: Na spoof na kita -- dennis.com, 08:10:21 08/26/04 Thu