Use Tor (http://tor.eff.org/). ISP's don't really track it, but that
shouldn't be a concern of yours if you're pentesting. The end device
can't tell it's been through tor.
It sounds like you're internal on the network. I can't tell by your
wording. If so, use SSH tunneling. Works like a charm.
(http://the.earth.li/~sgtatham/putty/0.60/htmldoc/Chapter3.html#using-port-forwarding)
On 9/13/07, Vivek P <iamherevivek@gmail.com> wrote:
hi
it was quick & impressive
we had worked on socks proxy! there are some mertis & demerits
the network on which we are testing (80 % target simulation) has some
filters which blocked it..
Are you aware of some technology though which i can employ dns
poisoning to route it to a virtual location !! where i have control !!
I am interested to do something at packet level cos setting up a proxy
also can be traced at the ISP level!!
Any suggestion to go about it would be appretiated!
thanx
On 9/14/07, Utmost Bastard <utmostbastard@gmail.com> wrote:
Other then delivering a payload with a forged packet you will have to proxy
through something.
If you are reverse tunneling a shell it will need to relay through a proxy
of sorts also if you truly need the originating IP concealed.
Basically anything other then a one way connection is going to need a valid
address to relay the data back and forth from.
The first and only truly reliable thing I can think of is a good fast socks
proxy.
----- Original Message -----
From: "Vivek P" <iamherevivek@gmail.com>
To: "Utmost Bastard" <utmostbastard@gmail.com>
Cc: <security-basics@securityfocus.com>; "Pen-Testing"
<pen-test@securityfocus.com>
Sent: Thursday, September 13, 2007 4:15 PM
Subject: Re: Anonymizing Packets yet ensuring 0 % packet loss
hi
thanks for the quick reply
my goal is to hide my ip adress, the n/w packets will be pentest
related & general stuff!
there is no torrent, but FTP, HTTP & regular communications will take
place from the setup!
I am looking for a solution with which i can permanently show a
different IP adress! (not actual)
i did try creating packets, the problem is that the reply doesnt come
back to me!!
I was successful to broadcast a packet outside & it came back too..
but it was traceable (i used a carrier)... :-(
i would appretiate some one discussins techncalities. I am okay with
coding a program fr the same!
On 9/14/07, Utmost Bastard <utmostbastard@gmail.com> wrote:
PeerGuardian just uses preset "block lists" of IP addresses to function.
If
an IP address is met any protocol/port transferring or receiving data is
blocked at the network layer.
I do not think that is the goal you are trying to achieve.
If this is for traffic such as torrent your IP will still be known from
the
tracker itself but you will not be sending or receiving data from any of
the
IP addresses you have in your list.
http://www.bluetack.co.uk/forums/index.php ironically has a torrent to
download the latest blocklist set.
Hopefully this clears any questions up.
UB
----- Original Message -----
From: "Vivek P" <iamherevivek@gmail.com>
To: <security-basics@securityfocus.com>; "Pen-Testing"
<pen-test@securityfocus.com>
Sent: Thursday, September 13, 2007 1:52 PM
Subject: Anonymizing Packets yet ensuring 0 % packet loss
hi all
I am on a lookout for IP hiding & anonymity for a project of mine!
I was googlin for some time now! most amusing one that i came across
was that of Peer Guardian..
I wanted to get directions frm hw best can i get my identity hidden!
atleast without using a proxy server from some providers (like
anonymiser)...
the link for Peer Guardian is here: http://phoenixlabs.org/pg2/
I m pretty sure someone would have tried it..
I am testing it as i am writing this query...
thanks in advance
-------------------------------------------
Vivek P Nair
VP Tech
Appin Group Of Companies
Appin Security Group
Module III TBIU
IIT DELHI
Hauz Khaus
New delhi
India
www.appinlabs.com
vivek.p@appinlabs.com
We explore... and you call us criminals.
We seek after knowledge... and you call us criminals.
We exist without skin color, without nationality, without religious
bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to
us and try to make us believe it's for our own good, yet we're the
criminals.
Yes, I am a criminal. My crime is that of curiosity.
My crime is that of judging people by what they say and think, not
what they look like.
I am a hacker, and this is my manifesto.
You may stop this individual, but you can't stop us all!
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
--
-------------------------------------------
Vivek P Nair
Vice President Technology
Appin Group Of Companies
Appin Security Group
Module III TBIU
IIT DELHI
Hauz Khaus
New delhi
India
www.appinlabs.com
vivek.p@appinlabs.com
+919910924675
We explore... and you call us criminals.
We seek after knowledge... and you call us criminals.
We exist without skin color, without nationality, without religious
bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to
us and try to make us believe it's for our own good, yet we're the
criminals.
Yes, I am a criminal. My crime is that of curiosity.
My crime is that of judging people by what they say and think, not
what they look like.
I am a hacker, and this is my manifesto.
You may stop this individual, but you can't stop us all!
--
-------------------------------------------
Vivek P Nair
Vice President Technology
Appin Group Of Companies
Appin Security Group
Module III TBIU
IIT DELHI
Hauz Khaus
New delhi
India
www.appinlabs.com
vivek.p@appinlabs.com
+919910924675
We explore... and you call us criminals.
We seek after knowledge... and you call us criminals.
We exist without skin color, without nationality, without religious
bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to
us and try to make us believe it's for our own good, yet we're the
criminals.
Yes, I am a criminal. My crime is that of curiosity.
My crime is that of judging people by what they say and think, not
what they look like.
I am a hacker, and this is my manifesto.
You may stop this individual, but you can't stop us all!
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
