Aha!

Planet X planetxx@richnet.net
Wed, 16 Jan 2002 02:14:43 -0500


Very interesting!  But, I have not been able to file transfer on ICQ
for many many months. I have no idea why. Usually, it's _my_ firewall.

I am going to apply what you said to the firewall. Thank you!

Joel

----- Original Message -----
From: "Sascha Reissner" <sascha.reissner@toxicnet.de>
To: "Planet X" <planetxx@richnet.net>; <netfilter@lists.samba.org>
Sent: Wednesday, January 16, 2002 01:52 AM
Subject: Re: Changing your TCP/IP packets before they leave your PPP (Or external interface)...


> From: "Planet X" <planetxx@richnet.net>
>
> > What is the syntax for manipulating my TCP/IP packets so that...
> >
> > #1... My actual Eth MAC address is not used. (For now, I shouldn't worry
> >       since my external interface is a 56K modem/PPP)
>
> Why should you worry about your MAC address?
>
> > #2... And my OS/Proxy version and details are not queried from some
> >       hacker... Some hackers on ICQ get my IP and they cut-n-paste that I
> >       have RH 7.1 beta (Roswell), Squid 2.4.1 stable and a couple of
> >       other details. I am not sure what they are doing to achieve this
> >       query! Arrgh.
>
> Just block all incoming traffic with the state NEW, so they cannot run tools
> like nmap on you to find out your OS with OS fingerprinting. Otherwise, just
> don't use ICQ. ICQ has a really ugly designed protocol. If you block all
> incoming NEW traffic you cannot receive ICQ file transfers anymore.
>
> > #3... and in a worse case scenario, I would like to have my PPP interface
> >       IP # actually reported as a different IP # (spoofing) but spoofed
> >       with an IP # that is just 1 or 2 numbers higher. Or is this morally
> >       wrong to do? ;-)
>
> This cannot be done. How do you expect to get response packets for your own
> outgoing traffic? It would never reach you, because it would get sent to the
> spoofed IP.
>
> --
> Sascha Reissner  -  sascha.reissner@toxicnet.de  -  http://www.toxicnet.de/
> PGP Fingerprint: 27C4 F5BB E4D7 7B44 A47A  B1E7 6014 F3E5 85B1 BEF7
>
>
>
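
Added example, not part of either message: the "block all incoming traffic with the state NEW" advice written out as an iptables-restore ruleset, with the ICQ file-transfer side effect handled by an optional exception. The function name gen_ruleset, the interface name ppp0 and the idea that the chat client listens on a port range you choose are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the thread. Prints an iptables-restore ruleset that
# refuses inbound connections in state NEW on the external interface only,
# so LAN-side traffic (e.g. to a local proxy) is left alone.
# Apply with:  gen_ruleset ppp0 | iptables-restore
# Dry run:     gen_ruleset ppp0 | iptables-restore --test

gen_ruleset() {
    ext_if=$1     # external interface (assumed name: ppp0)
    ft_ports=$2   # optional TCP port or low:high range left open for inbound
                  # file transfers; must match the chat client's listen range

    # Accept only a plain interface name and a numeric port or range, so an
    # argument cannot smuggle extra rule text into the generated file.
    case $ext_if in
        ''|*[!A-Za-z0-9_.+-]*) echo "bad interface: $ext_if" >&2; return 1 ;;
    esac
    case $ft_ports in
        *[!0-9:]*|*:*:*|:*|*:) echo "bad port range: $ft_ports" >&2; return 1 ;;
    esac

    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i $ext_if -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $ext_if -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
    # Without this exception the drop rules below also stop inbound transfers.
    if [ -n "$ft_ports" ]; then
        echo "-A INPUT -i $ext_if -p tcp --dport $ft_ports -m state --state NEW -j ACCEPT"
    fi
    # Whatever is left on this interface is NEW or INVALID: unsolicited
    # connection attempts and scanner probes get no reply at all.
    cat <<EOF
-A INPUT -i $ext_if -j DROP
-A FORWARD -i $ext_if -j DROP
COMMIT
EOF
}
```

Loading the output with iptables-restore replaces the existing filter table, so merge any rules you already rely on before applying it.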