Hello group..
We have been under sustained bogus form enquiry submission attack from a clickfarm. They were originally using VPNs. We contacted the VPN companies and they have blocked access to our websites across their platforms.
The culprits have now changed strategy and seem to be accessing the site using white listed IPs in the UK (Virgin, BT, Talk Talk etc)..
We can only presume they are now spoofing IP addresses?
Are we correct in this assumption?
If so, how do we now combat this one? Also note the lead data used in the form sill is passing Google recaptcha, honeytrap and data validation checks.
Any assistance is greatly appreciated.
Thanks
Iβm trying to Spoof an IP close to my location, far but around my general state, is it possible to use Tails to spoof my IP to a city near me, rather than internationally?
Hello everyone,
So I've been spoofing for quite a long time with no issues. I always stayed in my province and it was working flawlessly. However 6 months ago I spoofed in New York Central Park after I was offline for 24+ hours and yet, after spinning a pokestop I seemed to have been temp banned. Couldn't see any pokemon and spins wouldn't work. It got me thinking since I was on my wifi, Niantic can know where I live by the IP address. Do I need to VPN locally where I want to spoof to prevent detection ? Any other reasons or was I just panicking for nothing ?
I'm asking now because I'm tired of having no one in the local raids and looking to spoof further to popular spots.
By the way I only use GPS joystick + mock location. Yes it works 100% on my old phone.
Thanks,
Hello people,
This post was originally made on r/virtualmachine but due to the collective knowledge that this forum has I thought it would be appropriate to post on here aswell for more input/reference by other users.
In my case I am running hosting my VM on a Windows 10 desktop and my goals are as follows :
-
Not reveal that I am using a VM
-
Not reveal any data of my host machine
-
Hide my IP address (would I install a VPN on my host machine or my VM)
-
Spoof my MAC address
I am inexperienced with the intricacies and workings of VMware so I apologise if I have fucked up terminology/donβt understand how VM properly operates. I would also appreciate any information related to the subject of untraceability/anonymity while using a VM.
EDIT: Format correction
I'm fairly new to Cisco Meraki, I'm impressed by what I have seen so far :) I have a question - Under Firewall settings IP Source Address Spoofing Protection can be set to Block or Log. I cannot find where in the event log spoofing attempts would be logged. The documentation doesn't seem clear on this... Does anyone know what I can filter by to find this type of event? At the moment I have this set to "Block" all of networks I manage. Thanks!
Sanity check, I'm hearing a few things that aren't adding up...
Do TCP and IP packets have a way to maliciously craft the header to have a different reply-to address than the source?
For example:
ACL that denies everyone but 1.1.1.1/28 to 53
If an attacker/bot throws the entire spoofed range of IP's at my firewall and hit the magic numbers - source 1.1.1.1 and reply to 2.2.2.2.
I see how a reflection attack would take spoofed source to DDoS someone else, but the team is talking data exfiltration.
I assume most packet integrity checks and L7/DPI/IPS would reject things like this, but in the realm of almost anything is possible, is this kind of attack viable/practical/or just known to violate the IP spec and firewall kills the session.
Hello /r/networking.
I am developing a DHT in the Rust programming language, and as part of that effort I've been looking at how UDP hole punching works, since I need to make sure I support NAT traversal. The DHT consists of a series of nodes that should be able to contact each other via unsolicited UDP messages.
Ideally, I would like my network to be fully distributed, which would mean not depending on a rendezvous server as an initial point of contact between two nodes.
I would really like my nodes to be able to contact any other node in the network, regardless of NAT, without the aid of a central element. Now, I think I've come up with a solution, but I'm not a networking expert so what I'm about to propose may be completely stupid. Do not be afraid to tell me if that's the case. It's probably unfeasible, because otherwise someone must've thought of it before, but I'd love if you could tell me why, if that's the case, and whether or not there are any alternatives.
So... Let's say that I own a static IP address, but it's not associated to any live server. Any UDP packet sent to that address gets lost in the void. However, if I understand NAT correctly, the router must create an address tuple nevertheless, so if a UDP packet were to magically come back from that address, it would be routed to the appropriate host in the private network.
What if I make it so every one of the nodes on the network is sending a keepalive UDP packet to that 'black hole' address, all the time, and every time a node wants to handshake with another, the first packet is IP-spoofed to appear from that same IP?
If node A spoofs its ip to the 'black hole' address to contact node B, the packet will be accepted, containing the real IP and port of node A within it. From there on, both nodes can write to each other and the communication would be established. (obviously, node A would ping with the spoofed IP and its actual IP in parallel, so the router can translate both).
Am I missing something obvious? Are there any technical or legal reasons why ISPs wouldn't route my packets in this scenario?
Thanks!
From the recent 'Fappening'.
How is this even possible? I thought IP addresses were unique?
A while back when i thought surfing deep web was cool and stuff i came across a lot of boards some of which were not as popular and very clean but had few rotten apples, i remember one moderator being so angry that someone was posting illegal content that we're not allowed to talk about and him being impossible to track because his ip address was literally localhost. How is this possible? Or, is it even possible?
-
- i don't know how to call it so I'm calling it spoofing.
I am learning about SPF. One thing I never hear mentioned with ways to bypass SPF is by IP address spoofing. Couldnβt an attacker lookup the SPF records for a particular domain and spoof their address as such? I understand that they wouldnβt get any actual response, but that could get their email through a filter where somebody may click on a link. Also, I understand this would only work if the ISP of the attacker doesnβt do IP validation on source addresses.
Hello everyone!
I'm a security researcher from Hunters (XDR company).
We found an interesting new attack technique.
We found a way to obfuscate the attacker IP on AWS Cloud Trail logs. It means that when attackers compromise an account, they will be able to choose the IP address that is logged to the account, using the VPC feature.
You can read more about it here (our blog) and listen to our new podcast about it here.
My Twitter account: u/sayag_security
What do you guys think?
Quick Background:
I have spectrum community wifi because I live in an apartment. Great speed but no ability to customize the network (personal routers/access points, switches, NAS, etc. Basically anything fun gets blacklisted). I lost access to my smart lights because spectrum sees my Hue Bridge as a "router". This is a known issue and spectrum support basically says "tough shit". I have no access to any network equipment past the ethernet port in the wall. I have no other options without paying an insane amount for sub par internet.
Theory:
One of my classmates at college mentioned that an old roommate of his spoofed the MAC of a printer on the school's dormatory network and it allowed him to use his personal router. He used a ras pi between his router and the wall. Not sure on the exact details. My theory is that if I do a similar thing I could fool the network into allowing my personal router to work properly.
The question:
I have a netgear r6080 that has the ability to "use this mac address". I've tried setting the mac as that of my printer on a separate network (at my childhood home) but I'm receiving an error "403 forbidden" when I hit apply.
Why is the setting not taking? Assuming I could get the router feature to work, would this be a viable solution? Would the router retain the setting once I install it at my apartment? Again, I have no access to the modem to power cycle it so everything has to be done offline or at my other residence.
Would this be better suited for something like an old computer running pfsense where I have command line access?
Basically what above says. I Work remotely from a van, but use hotspot & have to travel a bit around my state & surrounding states to help family with various issues. Work wants me to stay in a single area of my state and monitors IP address (it's a work laptop) so how do I spoof it to always show the same area? Thanks
Hello, I have been trying to spoof my MAC address and was successful on one computer but on another it didn't work. I was wondering why this would be happening. Could anyone help me out with this?
Hello people,
In my case I am running hosting my VM on a Windows 10 desktop and my goals are as follows :
- Not reveal that I am using a VM 2.Not reveal any data of my host machine
- Hide my IP address (would I install a VPN on my host machine or my VM)
- Spoof my MAC address
I am inexperienced with the intricacies and workings of VMware so I apologise if I have fucked up terminology/donβt understand how VM properly operates. I would also appreciate any information related to the subject of untraceability/anonymity while using a VM.
