[TriLUG] IP Address spoofing

Matt Pusateri mpusateri at wickedtrails.com
Thu Jan 26 13:26:18 EST 2012 

Well you switch is going to get confused as well, as it won't know where to send UDP vs. TCP traffic.

Sent from my iPhone

On Jan 26, 2012, at 9:43 AM, Igor Partola <igor at igorpartola.com> wrote:

> Mystery solved: Seva was correct. The spoofing works only if "spoofer" and
> the "spoofee" are on the same subnet.
> 
> Looks like I will need something a bit more sophisticated such as an IP in
> IP or IP in UDP/IP tunnel. Is anyone aware of such a thing that already
> exists? Basically what I am looking to do is the following:
> 
> Have Host A listen on a number of UDP ports, then forward all the packets
> to Host B:port X. The listener on Host B:port X will strip off the outer IP
> (and possibly UDP) header and then spoof the address locally. Then the
> original UDP service on Host B can reply directly to original sender. If
> such a thing does not exist, would there be any interest in an open source
> version of it, since the company I work for (TransLoc Inc), might very well
> let me release it.
> 
> For those wondering why I'm looking into this: TransLoc tracks buses and
> the way they talk to our servers is over UDP, sending short packets with
> their location over cellular networks + Internet. Our tracking service then
> sends them magic packets back as a sort of acknowledgment that we are
> hearing from them. Due to how the devices have the domain name of the
> servers semi-hardcoded, we cannot just move the tracking service around,
> but we can route the UDP packets around so that eventually they wind up
> reaching the tracking server. The biggest issue is that we need to make
> sure that the acknowledgments reach devices, which means we have to know
> their IP:port. Hence my attempt at spoofing the address of the sender.
> 
> Thanks!
> Igor
> -- 
> This message was sent to: M. Pusateri <mpusateri at wickedtrails.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web    : http://www.trilug.org/mailman/options/trilug/mpusateri%40wickedtrails.com
> TriLUG FAQ          : http://www.trilug.org/wiki/Frequently_Asked_Questions

More information about the TriLUG mailing list