[Dshield] d-link router and security
cbrenton at chrisbrenton.org
Sat Jan 3 00:50:14 GMT 2004
On Fri, 2004-01-02 at 15:43, Steve wrote:
> What is the syntax used to do this I'm interested in this..
> I know the ping "ip" -j host-list - but what is "host-list"
Ya its pretty cool stuff. ;-)
I prefer to use hping to generate them raw, but if memory serves its
just a space separated list. something like:
ping -j 220.127.116.11 18.104.22.168 22.214.171.124 192.168.1.10
So this command would bounce the echo-request off of 126.96.36.199, then
188.8.131.52, then 184.108.40.206, before heading to 192.168.1.10. If the host at
192.168.1.10 also support loose source routing, the reply follows the
same path back to the original source.
This is one of the reasons why an external IP should never be considered
trusted without some form of authentication. If you where to sniff the
packet on the 192.168.1.0/24 network, the source IP within bytes 12-15
of the IP header would be 220.127.116.11 (all the other addresses are stored
after byte 19). So if 18.104.22.168 was an external "trusted" IP, a
firewall would think this host originated the packet when in fact its
actually coming from some other host. I've worked my way in this way
doing pen testing in the past and even saw a host get whacked this way.
Have fun and play nice! :-)
More information about the list