tags:

views:

140

answers:

2
+3  Q: 

Impact of Changing IP Address of Outgoing IP Packets From My Network

If I modify the source ip address of all outgoing ip packets from my network to an ip address belonging to someone else (while ensuring that the checksum is correct) then what will happen.

Assume that I have a public IP address connected by a point-to-point link to an ISP. Will the ISP check that the IP address in my IP packets is correct or will it just forward the packets. I believe that ISP should just forward the packets.

what mechanisms are present in the Internet that prevent this from happening?

A: 

why should your ISP just ignore your attempts to spoof packages with false information? Were I that ISP I'd not just block the packages but instantly kick you off my network as you're either compromised by some trojan or other malware or are deliberately doing something bad. I'd do that as a public service to the world at large (trying to block computer criminals) as well as to prevent possible legal steps against me (knowingly helping in criminal activity is still a crime in most places and rightly so).

jwenting  2010-03-18 06:11:20
Why? Because it's often less effort (thus, more profitable) to do nothing, rather than be a good network citizen and police the traffic coming out of their network. Sad, but too often true.
Jim Lewis  2010-03-18 06:43:53
+2  A: 

If you do this, you will probably be unable to establish a TCP connection -- the replies will go to the spoofed IP address, preventing the three-way handshake from succeeding.

Your ISP may, or may not, employ egress filtering at their border routers and drop the spoofed packets.

Jim Lewis  2010-03-18 06:39:45
+1 correct. what about udp packets.
iamrohitbanga  2010-03-18 06:51:52
can we not flood the server with udp packets that no process on the other end reads. if anyone gives the answer to this i will accept the answer.
iamrohitbanga  2010-03-21 19:00:34
we can do this. http://unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html explains DNS attacks based on this fact.
iamrohitbanga  2010-03-26 15:42:54

related questions

Staging area ptotection based on ip...what if my client has a dynamic IP?
How to force browsers/ISPs to look for my new DNS?
Wanted: ISP failover software resources
Library for Parsing Whois Results
possible to detect ISPs that give user different IP address on every page request for login security?
Case: What does hit-ratio mean? Hierarchical Caching
Slow load times: ISP or Coding
How to retrieve isp through php?
What Are Some Decent ISPs That Host Subversion
Dealing with Latency in Networked Games
Tool for degrading my network connection?
What's the idiomatic way to do async socket programming in Delphi?
How to avoid pauses when editing code on a network drive?
Avoid traffic shaping by using ssh on port 443
Revoke shared folders in windows
Reconnect logic with connectivity notifications
Maximum buffer length for sendto?
Configure a Java Socket to fail-fast on disconnect?
Sockets in Pascal
Windows/C++: How do I determine the share name associated with a shared drive?
In C++/Windows how do I get the network name of the computer I'm on?
Using VM to get around VPN restrictions
Error ADMA5026E for WebSphere Application Server Network Deployment
How to setup Quality of Service?