Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 05 Sep 2002 16:29:31 +0100
From:      Rob O'Donnell <robert@aphnet.co.uk>
To:        Redmond Militante <r-militante@northwestern.edu>, freebsd-questions@freebsd.org
Subject:   Re: Forging identd while chatting in IRC channel
Message-ID:  <5.1.1.6.0.20020905161556.03233788@pop3.norton.antivirus>
In-Reply-To: <20020905144856.GA354@darkpossum>
References:  <20020905022753.GC76893@vectors.cx> <20020905020403.GA23029@houston.rr.com> <20020905022753.GC76893@vectors.cx>
next in thread | previous in thread | raw e-mail | index | archive | help 

At 09:48 05/09/2002 -0500, Redmond Militante wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>hi
>
>this looks cool
>
>is there any way to get it forge a hostname, versus a username
>i tried the -s option, didn't seem to work.  -m option works fine
>
>
>thanks
>
>redmond
>
>On Wed, Sep 04, 2002 at 07:27:53PM -0700, Adam Weinberger expatiated with 
>great perspicuity:
> > security/liedentd
> >
> > -Adam
> >


Since the IRC server needs to know a real IP address in order to talk to 
you, you'll
never be able to hide completely.  AFAIK most servers echo the RDNS for 
address you
connected from.  If you have access to the reverse-DNS for your IP, then 
you could
manipulate this; put something more to your taste in there, but unless you 
have your
own IP range, and are not merely a user of some random ISP, you are unlikely
to be able to do this.

In any case, a lot of servers (irc & ftp particularly) will also check your 
forward-DNS
matches the reverse-DNS and block if it doesn't, so you can end up shooting 
yourself
in the foot  anyway, if you try and hide by putting the name of someone 
else in your
RDNS.

Basically, if you don't want someone to know where you're connecting from, 
don't
connect to them.

You could try using one of the publicly accessible (some accidentally so) 
proxy
servers, but then you get into all sorts of issues with DCC.

(If anybody knows how to set mIRC on a xp box up to work through a FreeBSD
router running ppp's NAT + socks5 proxy server such that DCC works 
perfectly in
both directions,  I'd love to know!)

HTH

Rob.




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.1.6.0.20020905161556.03233788>