[thelist] Changing HTTP Headers

Judah McAuley judah at wiredotter.com
Fri Sep 20 20:49:01 CDT 2002

Mircea Bogdan wrote:
> Thanx for the links and info. I think an IP spoof is what I have to do as you
> suggested. As for what they are looking for, I have to figure out:))
> I've told you before that the only thing that appears in the browser is that
> text..(it's a cgi script that returns the so called error)
> I'll try with an anonymus proxy and I'll let you know in no time if it works or
> not.

You probably won't want to use IP spoofing.  With an TCP/IP packet you
have a destination address and a source address.  When you send out a
packet routers along the way use the destination address to figure out
where the packet goes.  They never look at the source address.  At the
other end, the destination machine looks at the source address, creates
a new packet in response to the request, and then makes the source
address of the received packet the destination address of its response
packet and sends it on the way.

If you spoof the source address to a NZ IP address, you won't receive
the response packets because it will be going to another IP address.  IP
spoofing really only works for DOS and man in the middle attacks.

The best way I can think of to get around this problem is to get an
account on a *nix box somewhere in NZ and then use an SSH tunnel between
your host and your new account in NZ.  Then use port forwarding so that
port 80 on your box goes through the SSH tunnel and then gets forwarded
to port 80 again on the other end of the tunnel.  This will cause all of
your traffic to appear from the *nix box in NZ.

Much simpler work around than hacking TCP/IP headers.


More information about the thelist mailing list