weblog d’un abbe


Spoofing on Internet

Filed under: Fun — Tags: , , , , , , — abbe @ 2058

Feeling lazy to type it all again, so copy pasting:

Hi all,

For those who are not able to afford a fat pipe connection, and
depending on multiple small pipes, there is a good news. Now, they can
bond multiple ethernet links from Airtel and from some other ISP (e.g.
WTOM). By bonding I mean, being able to route outgoing packets from
WTOM's IP address via Airtel's link, and probably vice versa (not
tested other way round).

To verify this, try following:

1. Make sure both your ethernet links from different ISPs are
connected to a single interface on your router, i.e. using a network

2. Now, assign addresses from both ISPs to the single interface:

- ---->8---->8----
abbe [~] chateau % /sbin/ifconfig fxp0
fxp0      Link encap:Ethernet  HWaddr 00:13:20:B7:55:0A
         inet addr:  Bcast:  Mask:
         inet6 addr: 2001:db8:3151::1/48 Scope:Global
         inet6 addr: fe80::213:20ff:feb7:550a/64 Scope:Link
         RX packets:67542 errors:0 dropped:0 overruns:0 frame:0
         TX packets:67029 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:43453983 (41.4 Mb)  TX bytes:35309688 (33.6 Mb)

abbe [~] chateau % /sbin/ifconfig fxp0:0
fxp0:0    Link encap:Ethernet  HWaddr 00:13:20:B7:55:0A
         inet addr:aaa.bbb.ccc.ddd  Bcast:  Mask:
- ----8<----88---->8----
abbe [~] chateau % route add default gw
- ----8<----88---->8----
# iptables -t nat -n -v -L  POSTROUTING
Chain POSTROUTING (policy ACCEPT 178 packets, 12630 bytes)
 pkts bytes target     prot opt in     out     source               destination
 832 62349 MASQUERADE  all  --  *      ppp_1_32_1
- ----8<----88---->8----
abbe [~] chateau % curl --interface aaa.bbb.ccc.ddd http://checkip.dyndns.org
Current IP CheckCurrent IP Address: aaa.bbb.ccc.ddd
- ----8<----8<----

Okay, in case if you mistakenly added some other address, instead of
WTOM's provided address to 'fxp0', don't worry, your packets are still
reaching their destination, it is just that the address you provided
doesn't route back to you, so you aren't getting any replies.

I tested this working not only Airtel's AS, but also in couple of
other AS'es also. Except commands there is nothing involved in this
post, which specific to GNU/Linux, so you can use your BSD box to bond

Happy spoofing on public internet :)

Ashish Shukla

Blog at WordPress.com.