Knowledge?... -- IP Spoofing

[ Show ]

Support VoyForums

[ Shrink ]

VoyForums Announcement: Programming and providing support for this service has been a labor of love since 1997. We are one of the few services online who values our users' privacy, and have never sold your information. We have even fought hard to defend your privacy in legal cases; however, we've done it with almost no financial support -- paying out of pocket to continue providing the service. Due to the issues imposed on us by advertisers, we also stopped hosting most ads on the forums many years ago. We hope you appreciate our efforts.

Show your support by donating any amount. (Note: We are still technically a for-profit company, so your contribution is not tax-deductible.) PayPal Acct: Feedback:

Donate to VoyForums (PayPal):

[ Login ] [ Contact Forum Admin ] [ Main index ] [ Post a new message ] [ Search | Check update time ]

[ Next Thread | Previous Thread | Next Message | Previous Message ]

Date Posted: 11:51:45 07/05/00 Wed
Author: zerash
Subject: Knowledge?...

Clownz,
Your site is complete and utter trash. Do the whole "net" community a favor and take this site off the net. Sites like this just make the net such a garbage place like it is nowadays. Most of your site contains just outdated information which can't be used anymore anyway. For example your "elite" Email Spoofing section - 1st off, sending anonymous e-mail has absolutely nothing to do with spoofing. If you'd have only the slightest clue on what spoofing really is and how it is achieved, you would maybe understand how silly sounds "e-mail spoofing" (Spoofing is when attackers authenticate one machine to another by forging packets from a trusted host. Main spoofings methods are IP, ARP and DNS. IP and ARP are pretty much the same since they both concentrate on authenticating on a machine which runs on some type of R services ( rlogin, rsh, rcp and rcmd), which specify remote hosts and users that are considered "trusted". Trusted users are allowed to access the local system without supplying a password. t seems that it would be easy to defeat such a flaw, but actually not, since the two hosts have to have a common means of verifying that data is in fact being transfered cleanly./ So you have to "guess" sequence numbers, to establish a connection. Nowadays, TCP sequence prediction is really hard to achieve since most os's now use "random positive increments" ( Quoted from Fyodor's network mapper tool). So all in all it is really hard to spoof, and I hope you now realize that the name "email spoofing" is just plain dumb). 2nd off, the text you ( most probably someone else) has written about writing anonymous e-mails from sendmail powered SMTP servers, is just plain old and doesn't involve any skills, nor knowledge. Also this technique won't work on most servers anymore, since that was only a problem with sendmail, and since sendmail's complexity does make it difficult to secure it, people just turned to different mail transport agents like let's say Qmail - which was built with security in mind and is really hard to penetrate. And all your silly methods of "email spoofing" won't work anymore, since 95% have either turned away from sendmail or have succesfully patched sendmail (God bless them).
Another great example of your sites stupidity would be the section called "telnet ports". If you'd show this site to anybody with any knowledge about networking, he'd break out laughing. You call normal ports "Telnet ports"? Each port is represented for a different service, and only one is used for telnet, 23 that would be. You can telnet to other ports and you'll maybe even receive a string from it, but that's about it, you won't be able to do anything else since each port will pretty much require to use a client needed exactly for the service to reply to, in which case telnet can't do anything. A great example would be port 113/tcp the auth port, you can connect to it (if that service is running) but that's about it, it's going to sit there, and do nothing, since telnet isn't the right client for this service and it can't respond with the right packets (over the net)/strings (localhost) to the service. Plain logics. So just because you can telnet to a few ports doesn't mean you call ports now "Telnet ports"... I hope you realize how silly that sounds. And that goes pretty much for the rest of your site. It's completely disorganized, it has no quality material. Ahh i just have to add this - you talk about knowledge, - you say, you don't know how far you'd be now if you wouldn't have your friends who have taught you "everything you know ". Ok, your "filez" section. Trojans? That's your knowledge? Well let me tell you this - when you learn a programming language ( and I am not talking about your kiddy Windows programming crap), write some programs, devote your time to open source public, learn to use another OS besides Windows, than talk about knowledge. Till than it'd just be better if you take this site off the net. Go install some *nix type of OS, let's say Linux for a great example.
Learn everything you can. Pick up a few programming books ( Shell scripting, python, C etc.), networking , administration books, and as I said before - learn everything you can. And than go talk about knowledge...
Another thing I'd just like to add - this isn't a flame - I've stopped doing that allready many years ago, and flaming just get's you nowhere. Accept this how you want - it would go most closely to positive criticism (sp?). If you'd like to have a chat and are interested in a few of these issues, feel free to email me at:
zerash@slack.net or catch me on usenet (around security - comp.security.unix, comp.os.linux.security , comp.os.linux.administration etc.). IRC, sometimes visit Efnet #ae , #messedup, #unixgods, but that's not the way to catch me...
Till than,
Best Regards,
Daniel

[ Next Thread | Previous Thread | Next Message | Previous Message ]

Replies:

zerash.... -- clownz, 17:31:59 07/07/00 Fri
Re: Knowledge?... -- CrSt|mEtH, 19:02:22 08/20/04 Fri
Na spoof na kita -- khonamekhi, 08:06:47 08/26/04 Thu
Na spoof na kita -- khonamekhi.com, 08:08:27 08/26/04 Thu
- Re: Na spoof na kita -- dennis.com, 08:10:21 08/26/04 Thu
Spoof ba gusto mo -- DennisEllisJason.com, 09:40:35 08/27/04 Fri
- Spoofing ulit gusto mo!!!! -- DennisEllisJasonRusselRaquel.org, 09:43:50 08/27/04 Fri
  - Gusto mo Maraming Spoofing -- DennisEllisJason.gov, 09:47:30 08/27/04 Fri
  - Spoofing ulit gusto mo!!!! -- yahoo.gov, 09:49:11 08/27/04 Fri
    - marami pang spoofing -- PLnP.mil, 09:52:04 08/27/04 Fri