IP Spoofing from Windows: the definitive guide
==============================================
by Kassy Kas
============

There is a lot of speculation about "spoofing" your internet protocol address, especially from Windows environments. It sounds like an amazing idea, but it is not all it seems. I will be discussing that in this guide, and also answering the ultimate question: is it possible?

Firstly, your IP address is not the only thing that identifies you while on the net. There are other factors to consider, like your domain and your identd. People do not have to know your IP address to find out where you are coming from. Even if you do manage to spoof it, you are not completely untraceable. There are lots of ways to get both your server variables and your IP address, for example in VBScript:

    Request.ServerVariables("REMOTE_ADDR")

This will identify who you are. This, or code like this, is used a lot on websites that log it without telling you. Some are being careful, making sure that you do not do anything malicious, but others log it with a different intent, e.g. to scan for NetBUS.

-=Sideliner=-
You can remain anonymous to websites without spoofing your IP. Just turn scripting and Java off, and be careful when submitting forms to CGI or ASP.

Now on to the biggie: is it possible to become anonymous by spoofing your IP/Domain from Windows? Well, there is no direct answer. Not DIRECTLY from Windows...all these spoofer programs that say they will hide you don't work. It is impossible from your box because the Windows client-server relationship is not formed like that. You cannot just tell the server your domain and IP. DUP and Winsock do not allow it.

-=Sideliner=-
Well, there IS a way to spoof directly from Windows....or in theory there is. It is an advanced method, and takes knowledge of x86 Assembly and Dial Up Networking. You may be able to "talk" to your modem and tell it what you want your IP to be...I am not sure about domain, however.
All I will say is that in x86 architecture, the modem is found at int 14h, and there is a part of the DUP protocol called "defaultip".

So....if you cannot spoof directly from Windows...how can you? Well, if you log into a shell account and get online, your domain will not be your ISP's....it will be that of the shell provider, for example jdoe@shellyeah.org. But that is not usually enough for some people....if you use your shell a lot then it will basically act as your domain anyway. But there are other methods, for example a proxy server.

-=Sideliner=-
A proxy server is similar to a firewall in that it controls what goes in and out of a server. You may be using one and not even know it. Check your internet settings in the control panel.

If a proxy server controls what goes in and out....can it do the same with IPs? Yes! But you will have trouble finding one that does. There is a CGI based proxy at www.jmarshall.com...it makes you completely anonymous...try it out at www.schematic.org. But that will only cover surfing....and only one site. It is very unlikely that you will find one that lets you spoof your IP. Even if you DO find one, someone can still find out what your real IP and Domain are, unless there is some serious encryption going on.

-=Sideliner=-
There is a product called Freedom that makes you anonymous. It puts you through several proxies and encrypts your real identity. Unfortunately, as a beta tester of this product, I found it a little too much work for something that could have been accomplished a lot easier. Try it yourself for 30 days at www.zeroknowledge.com.

So basically, if you want to spoof your IP....get rid of Windows! The UNIX operating system acts differently, and it is theoretically possible to do it. But remember, spoofing your IP will not make you anonymous. You have to consider more than that.

Well, that's it for this article.
Here are a few guidepoints to finding out about this process. In the meantime, all comments are welcome to kaspa@hfactorx.org. C ya!

-=Guidepoints=-
o Try learning about Dial Up Networking....there are lots of guides around on the net.
o If you must spoof from Win, the modem theory may be a good place to start. Look for guides on x86 Assembly.
o Try a UNIX distribution! www.linux.org, www.freebsd.org, www.openbsd.com, www.netbsd.org.....they just keep on coming!

----This document is property of The Datacore, [www.tdcore.com]. It may be freely distributed as long as it stays----
----intact and credit is given to the author. This tag may not be removed.----
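
Added example (not part of the original guide and not the author's code): what a site can record from the server variables discussed above (address, domain, identd) and what a forwarding proxy may still disclose. It is written in Python against CGI-style variable names; the X-Forwarded-For and Via headers are not mentioned in the guide and are assumed here as the headers a forwarding proxy commonly adds, and all addresses and host names are constructed.

```python
import ipaddress

# Server variables that identify a visitor. REMOTE_ADDR is the one on the page;
# REMOTE_HOST and REMOTE_IDENT are its CGI counterparts for domain and identd.
IDENTITY_VARS = ("REMOTE_ADDR", "REMOTE_HOST", "REMOTE_IDENT",
                 "HTTP_USER_AGENT", "HTTP_REFERER")


def parse_forwarded_for(value):
    """Return the valid IP addresses listed in an X-Forwarded-For header, in order."""
    addrs = []
    for item in value.split(","):
        try:
            addrs.append(ipaddress.ip_address(item.strip()))
        except ValueError:
            continue  # client-supplied header: skip junk such as "unknown"
    return addrs


def visitor_record(env):
    """Build the log record a site could keep from one request's server variables."""
    record = {name: env[name] for name in IDENTITY_VARS if env.get(name)}
    forwarded = parse_forwarded_for(env.get("HTTP_X_FORWARDED_FOR", ""))
    record["via_proxy"] = bool(forwarded) or "HTTP_VIA" in env
    # The left-most valid entry is the address the first proxy reported. It is
    # only a claim, because any client can send this header itself.
    record["disclosed_client"] = str(forwarded[0]) if forwarded else None
    return record


# Constructed sample requests (documentation address ranges, made-up host names).
DIRECT = {"REMOTE_ADDR": "203.0.113.7", "REMOTE_HOST": "dialup7.isp.example",
          "REMOTE_IDENT": "jdoe", "HTTP_USER_AGENT": "Mozilla/4.0"}
PROXIED = {"REMOTE_ADDR": "198.51.100.20", "HTTP_VIA": "1.0 cache.proxy.example",
           "HTTP_X_FORWARDED_FOR": "unknown, 203.0.113.7, 198.51.100.9"}

if __name__ == "__main__":
    for label, env in (("direct", DIRECT), ("proxied", PROXIED)):
        print(label, visitor_record(env))
```

In the proxied request REMOTE_ADDR is the proxy's address, yet the record still carries the client address the proxy passed along, which is the guide's point that a proxy alone does not hide you.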