Date: Thu, 2 Feb 2023 20:08:46 +0530 From: Sambuddho Chakravarty <sambuddho@iiitd.ac.in> To: jhellenthal@dataix.net Cc: freebsd-security@freebsd.org Subject: Re: help regarding IP address spoofing (when using nmap) Message-ID: <CAK1-MKfXrogVdFWRO8ifQtn6HHq-CXBg2oHYC05VKjc3V%2Bv6vw@mail.gmail.com> In-Reply-To: <Y9u6yyIfz8nHpb5c@DataIX.net> References: <CAK1-MKcNetGHrg5VpHpmrE%2BXDf%2BSvn1pp-rWd%2BTzU9ay76frfw@mail.gmail.com> <Y9u6yyIfz8nHpb5c@DataIX.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] It was running as root only... Also, no the address didn't belong to the interface, and I was spoofing it... So is there no way to spoof packet IP addresses ? On Thu, 2 Feb 2023, 18:59 J. Hellenthal, <jhellenthal@dataix.net> wrote: > On Thu, Feb 02, 2023 at 04:19:57PM +0530, Sambuddho Chakravarty wrote: > > Hi All > > I am a relatively newbie to FreeBSD (earlier was running > > Linux). I am running FreeBSD 13.1. > > I am trying to run nmap with source IP address spoofing > > (for some academic purposes). It works fine with Linux > > but on FreeBSD I get the following error: > > # nmap -e re0 -S 192.168.17.92 -sS 143.110.249.18 -p 8080 -Pn > > Starting Nmap 7.93 ( https://nmap.org ) at 2023-02-02 16:04 IST > > NSOCK ERROR [0.0170s] mksock_bind_addr(): Bind to 192.168.17.92:0 > failed > > (IOD #1): Can't assign requested address (49) > > NSOCK ERROR [0.0170s] mksock_bind_addr(): Bind to 192.168.17.92:0 > failed > > (IOD #2): Can't assign requested address (49) > > It works fine without the source spoofing but doesn't when I use > > it. I can however use my own machine's source IP address with > > the '-S' option. > > -- > > best, > > sambuddho > > sudo(8) or su(1) ? > > An address should also be assigned to a interface for it to be bound to. > > -- > The fact that there's a Highway to Hell but only a Stairway to Heaven says > a lot about anticipated traffic volume. > [-- Attachment #2 --] <div dir="auto">It was running as root only...<div dir="auto"><br></div><div dir="auto">Also, no the address didn't belong to the interface, and I was spoofing it...</div><div dir="auto"><br></div><div dir="auto">So is there no way to spoof packet IP addresses ?</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, 2 Feb 2023, 18:59 J. Hellenthal, <<a href="mailto:jhellenthal@dataix.net">jhellenthal@dataix.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Thu, Feb 02, 2023 at 04:19:57PM +0530, Sambuddho Chakravarty wrote:<br> > Hi All<br> > I am a relatively newbie to FreeBSD (earlier was running<br> > Linux). I am running FreeBSD 13.1. <br> > I am trying to run nmap with source IP address spoofing <br> > (for some academic purposes). It works fine with Linux <br> > but on FreeBSD I get the following error:<br> > # nmap -e re0 -S 192.168.17.92 -sS 143.110.249.18 -p 8080 -Pn<br> > Starting Nmap 7.93 ( <a href="https://nmap.org" rel="noreferrer noreferrer" target="_blank">https://nmap.org</a>; ) at 2023-02-02 16:04 IST<br> > NSOCK ERROR [0.0170s] mksock_bind_addr(): Bind to <a href="http://192.168.17.92:0" rel="noreferrer noreferrer" target="_blank">192.168.17.92:0</a> failed<br> > (IOD #1): Can't assign requested address (49)<br> > NSOCK ERROR [0.0170s] mksock_bind_addr(): Bind to <a href="http://192.168.17.92:0" rel="noreferrer noreferrer" target="_blank">192.168.17.92:0</a> failed<br> > (IOD #2): Can't assign requested address (49)<br> > It works fine without the source spoofing but doesn't when I use<br> > it. I can however use my own machine's source IP address with<br> > the '-S' option.<br> > --<br> > best,<br> > sambuddho<br> <br> sudo(8) or su(1) ?<br> <br> An address should also be assigned to a interface for it to be bound to.<br> <br> -- <br> The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.<br> </blockquote></div>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAK1-MKfXrogVdFWRO8ifQtn6HHq-CXBg2oHYC05VKjc3V%2Bv6vw>