I have to say something about my presentation at defcon last year. The source routing examples in the presentation are based on the Linux 2.0 kernel. In the 2.0 kernel it was just to disable "drop source routed frames" and enable "forwarding" when compiling the kernel. It is not just to set /proc/sys/net/ipv4/conf/all/accept_source_route to 1 and /proc/sys/net/ipv4/ip_forward to 1 in the 2.2 and 2.4 kernel. I think you have to compile the kernel as "advanced router" and set /proc/sys/net/ipv4/conf/all/rp_filter to 0. I do not have the time to get the exact configuration, but I am sure this will help. And remember, this configuration is not secure! This configuration should only be set on pen-test computers. One last thing on defcon. I can not come this year. My wife and I are expecting a newborn the same time as defcon. Bad planning right? ;-) Well, there will be 6-8 people from iXsecurity this year. You can get drunk with them. If you mail rikard.carlssonat_private he will send you the logo that iXsecurity will have on their t-shirts this year. Anders Ingeborn from iXsecurity will speak about small payloads on Windows at defcon. Small as in the comphack code: http://www.securityfocus.com/archive/1/156486 Enough defcon promotion ;-) Ian Vitek, iXsecurity In reply to "Jason Witty, CISSP" <jasonat_private> > Ian Vitek did a pretty good presentation on IP spoofing and source routing > last year at defcon. His slides can be found at > http://www.wittys.com/files/defcon_vitek.ppt . His examples are based on > using netcat and simple ifconfig tricks, to fully source route the packets. > Hope this helps. > > Jason
This archive was generated by hypermail 2b30 : Sun Jun 10 2001 - 08:16:40 PDT