Need to use fake IP in mail header because of dos attacks

Need to use fake IP in mail header because of dos attacks

Post by jnel » Tue, 23 Sep 2003 06:28:17



Hi,

I need to put fake IP address into the header of the message sent to my
list.
I had 3 dos attacs and I think that they comes from some people in my
newslist.

How to hide or to send fake IP by smtp when connecting to the mail server of
possible attackers?

Thanks

Jim

 
 
 

Need to use fake IP in mail header because of dos attacks

Post by Jem Berke » Tue, 23 Sep 2003 06:40:06


Quote:> I need to put fake IP address into the header of the message sent to
> my list.
> I had 3 dos attacs and I think that they comes from some people in my
> newslist.

Sure it's not just these new Windows worms?

Quote:> How to hide or to send fake IP by smtp when connecting to the mail
> server of possible attackers?

Can't be done. NNTP and SMTP are TCP/IP protocols; for the data exchanges
to occur you must use the true IP address in your packets.

--
Jem Berkes
http://www.sysdesign.ca/

 
 
 

Need to use fake IP in mail header because of dos attacks

Post by Peter K?hlman » Tue, 23 Sep 2003 06:38:57



> Hi,

> I need to put fake IP address into the header of the message sent to my
> list.
> I had 3 dos attacs and I think that they comes from some people in my
> newslist.

> How to hide or to send fake IP by smtp when connecting to the mail
> server of possible attackers?

> Thanks

> Jim

Get your spam education somewhere else
--
If you had any brains, you'd be dangerous.
 
 
 

Need to use fake IP in mail header because of dos attacks

Post by ray » Tue, 23 Sep 2003 10:55:26



> Hi,

> I need to put fake IP address into the header of the message sent to my
> list.
> I had 3 dos attacs and I think that they comes from some people in my
> newslist.

> How to hide or to send fake IP by smtp when connecting to the mail server of
> possible attackers?

> Thanks

> Jim

Sounds like you should delete them from you list.
 
 
 

1. Urgent: Machine crash, someone DoS attack using ICMP..help needed

Hi,

My machine is attacking by ICMP DoS, almost everyday.

Feb 20 12:29:55 bsd /kernel: icmp-response bandwidth limit 923/200 pps
Feb 20 12:29:56 bsd /kernel: icmp-response bandwidth limit 820/200 pps

And the machine freezed, after the attack, and have to reboot it.

I have setup the IPFW to block the ICMP, but still not solving the problems.

This is my IPFW rules:

    03001 allow tcp from (my dialup IP) to any 21
    03100 deny tcp from any to any 21
    04001 allow tcp from (my dialup IP) to any 22
    04100 deny tcp from any to any 22
    09001 allow icmp from (my dialup IP) to any
    09002 allow icmp from (server IP) to any
    09003 allow icmp from 127.0.0.1 to any
    09100 deny icmp from any to any
    65534 allow ip from any to any
    65535 deny ip from any to any

Advise and sugguestions needed for the IPFW rule configuration.

And do we need the "allow ip from any to any via lo0" to be added into the Rules?

helps are appreciated.
Thnx
-Matt

2. RH8.0 Fatal Error Installing Packages

3. faked yahoo-mail-headers ? (OT?)

4. Networking in Linux

5. iptables: fake ip using DNAT and SNAT

6. multiple libc's compatibility problem

7. ipfw using fake IP...

8. Need Linux for 386, and SLIP

9. Can ipchains be used to counteract DOS attacks?

10. Is there a way to stop dos attacks using iptables?

11. Help, I need a list of Denial of Service attack by symptom to track an attack

12. IP masquarading ( fake ip probs )

13. IPCHAINS real ip and fake ip