Electronic Books

Chapter 6
Spoofing
Spoofing


263
Lab 48: Spoofing IP Addresses
Send Packets via False IP Address: RafaleX
Prerequisites:
None
Countermeasures:
Firewall filters, vendor patches where applicable
Description:
The RafaleX application allows for the creation of custom
IP packets. The packet is very customizable and allows for the spoofing
of the IP, setting the flags, number of packets, and so forth.
Procedure:
Start the application, set the parameters, and execute.
Double-click the
RafaleX
icon to start the application.
*Note:
RafaleX is becoming hard to locate on the Internet as it appears it is now called
Engage Packet Builder. I found that Engage has difficulties with the wireless
card in my virtual computer so this lab was run with the RafaleX application.
The Ethereal sniffer (Lab 41) was used to validate the results of this lab.
From the RafaleX screen set the
Network interface
to the desired Network
Interface Card (NIC).
264


Practical Hacking Techniques and Countermeasures
In this example, the
Source IP
of the packets to be sent is set to 10.10.10.10
with the source address of port 123. According to Internet etiquette, this should
never be able to route on the Internet as the 10.x.x.x range is reserved for
private addressing.
Set the destination IP to the target address. In this example it is 172.16.1.40.
Set the
Destination
port to port 21.
Spoofing


265
The SYN and ACK flags were set for each packet.


Pages:
94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118