Wed, 16 Jan 2002 02:14:43 -0500
Very interesting! But, I have not been able to file transfer on ICQ
for many many months. I have no idea why. Usually, its _my_ firewall.
I am going to apply what you said to the firewall. Thank you!
----- Original Message -----
From: "Sascha Reissner" <firstname.lastname@example.org>
To: "Planet X" <email@example.com>; <firstname.lastname@example.org>
Sent: Wednesday, January 16, 2002 01:52 AM
Subject: Re: Changing your TCP/IP packets before they leave your PPP (Or
> From: "Planet X" <email@example.com>
> > What is the syntax for manipulating my TCP/IP packets so that...
> > #1... My actual Eth MAC address is not used. (For now, I shouldnt worry
> > since
> > my external interface is a 56K modem/PPP)
> why should you worry about your MAC address?
> > #2... And my OS/Proxy version and details are not queried from some
> > hacker...
> > Some hackers on ICQ get my IP and they cut-n-paste that I
> > have
> > RH 7.1 beta (Roswell), Squid 2.4.1 stable and a couple
> > other details.
> > I am not sure what they are doing to achieve this
> > Arrgh.
> just block all incoming traffic with the state NEW, so they cannot run
> like nmap on you to find out your OS with OS fingerprinting. otherwise,
> dont use ICQ.. ICQ has a really uggly designed
> protocoll. if you block all incoming NEW traffic you cannot receive ICQ
> filetransfers anymore.
> > #3... and in a worse case scenario, I would like to have my PPP
> > IP #
> > actually reported as a differant IP # (spoofing) but
> > with an IP #
> > that is just 1 or 2 numbers higher. Or is this morally
> > wrong to do? ;-)
> this cannot be done, how do you expect to get response packets for your
> outgoing traffic? it would never reach you, because it would get sent to
> spoofed IP
> Sascha Reissner - firstname.lastname@example.org -
> PGP Fingerprint: 27C4 F5BB E4D7 7B44 A47A B1E7 6014 F3E5 85B1 BEF7