email/internet security

**Dr.Evil** · 03-11-2002, 12:47 PM

can someone tell me how to block my internet provider address. (this board won't let me type those letters lol).

so that if i write to the wrong person unknowingly he would have no way of tracing where the email came from?

***Sicilian30*** · 03-11-2002, 12:51 PM

Okay Doc, I am the man you need to talk to .. first off tell me exactly what you wanna do... drop me a PM if you don't want to post it here..
Wait I just reread what you were asking.
Okay there are several "Shareware" (yeah right) programs out there to do what is called IP spoofing. Go the the Internet and type in IP spoofing software and see what comes up. If not, let me know, I can give you some of mine, but they are kinda heavy duty and hard to work, kinda tricky.
Pm me if you need some advice.

**Dr.Evil** · 03-11-2002, 01:00 PM

cool i'll take a look at the eye pee spoofing. is this something that i'll have to install onto my computer? i use a public computer for my most sensitive emails right now, but i don't think i can install anything on them because everything is deleted from the hard drive when the computer restarts and the user logs out. do you think it's safer to just use your own pc and install an eye pee spoofer, trusting that the eye pee addy will be blocked, or should i just install this onto the public computer everyday i use it?

**Big Rush** · 03-11-2002, 03:09 PM

If you are using a "public computer", say at your school or library, you shouldn't have much to worry about. I would just use a different one each time I made thise "sensitive" e-mails.
Peace

***Sicilian30*** · 03-11-2002, 05:55 PM

Well hell, I had a chit load of stuff put here, but it erased it. Okay one more time..
Dr. Evil now that you have explained what you are trying to do, here is what is up:
First off a proxy won't work, unless it has Eye P spoofing capabilities, which I don't know of any that do. To prove my theory, go to www.grc.com and click on "shields up" then click on "test my sheilds" and guess what your Eye P number will show (the public EYE P anyways).
I am behind a very very sosphicated firewall and yes, my Eye P shows up there.
Proxy's are used for protecting your computers against hackers by closing and filtering ports (that is a whole nother discussion) they can sometimes encript ports for outgoing traffic, mine does.
Okay, the only sucessful way to hide your Eye P number is by Eye P spoofing. These types of software are usually written by hackers and "underworld persons" if you know what I mean. I have a bunch, I will have to go dig for them, but I can find some.
Yes, you will have to install on a PC to make it work.
You said that you log off, which tells me that you are either on an NT or Windows 2000 workstation. This makes matters even tougher.
For example, if you are on a network, which you probally are. Depending on who set it up chances are they have monitoring software on it.
On my network at my office, I get a daily email telling me where my employees went on the internet, what they downloaded how long they stayed on a certain site, how many times they went to that site, and even what emails they got in that day. I setup and secure networks all day long, and I have monitoring setup cause I want to see what my employees are doing.
However, doesn't mean that they are monitoring you.
If you are on a network then you will have your own IP number, which is probally what we call a non public Eye P number usually 10.0.0.1,2,3, etc, 192... 172....
I woud have to see how the network is setup to tell you if you are being tracked or logged, it depends on where it is, and if you are loggin in as you, then chances are they can find out where you have been, if they wanted. So there is no easy answer to this problem unless you install EYE P spoofing software on your PC. There is no other way around, it, if it is a library then just use a different computer, and that would be hard to track. If it is at your work, or at school and you log on using your name or a name known to someone on your network, you can be tracked easier and almost guranteed that you can get caught if the proper software monitoring were inplace.
Sorry about the long discussion, but Eye P protocol is very complicated and without knowing alot about how it works makes it difficult to explain all the in's and outs. I am posting a site to give you some info on spoofing. I have to post this first..
http://advice.networkice.com/Advice/...ng/default.htm
Here is that website telling about spoofing just some info

**IronCy** · 03-11-2002, 07:03 PM

say i took my personal laptop to work, plugged in the network cable and used the internet connection without having to log in...can i be tracked in that respect...I have a workstation (my work computer) that I log in an do my daily work...but I also have an extra network cable by my desk that i plug my laptop into to use.

**IronCy** · 03-11-2002, 07:56 PM

but if im not logged in on the network, how can they identify me

**lobo** · 03-11-2002, 09:16 PM

they (your network people at your work) if needed would be able to trace the IP number that was requesting the info back to the port the extra network cable was plugged into in your office. They would probably be able then, to figure out what was what unless you share your office then it would be simple elimination.

**Dr.Evil** · 03-12-2002, 12:04 PM

thanks a lot sicilian. that was a very informative post. i'll check out the website you posted.

Originally posted by sk*
ip spoofing is more efficient in some cases, but remember that the data being retrieved from the server will not go to his ip, therefore, it is not the best thing to do.

can you elaborate on this? i'm clueless when it comes to this stuff

how did you get the letters i p to appear next to each other without it being censored? lol.

***Sicilian30*** · 03-12-2002, 12:36 PM

No no SK I hate to say it bro, but you are alittle wrong there. Trust me bud, I secure networks everyday. Take your proxy and go to that site and see if the eye P numbers comes up. It will. If you are behind a proxy, that makes the "administrator" even more control of and how you can be tracked. Trust me, that is my whole reason for having a proxy server at my office, so I can see what my guys are doing.
Yes, if he does go to a website chances are the person or whomeever will have the "public IP" number where the proxy server resides. Even though his actually workstation Eye P number is hidden behind the proxy server, teh administrator of the proxy or network can track him if proper monitoring is setup on the proxy server.

Now to answer Iron Cities ?:
Iron, first off if you plug your laptop into your network and you don't log and hit escape or something, but you can still surf the Internet, this means that you are still getting an EYe P number from what is called a DHCP Server. (Dynamic Host Compatable Protocol). This means that there is a server out there, on your network that is still handing down an Eye P number to your workstation even if you are not loggin into the network. That means that DHCP server can also have monitoring capabilities as well, but will not be very detailed if proper monitoring software is not setup.
Again it you guys are in this situation, it all depends on what kind of monitoring software the "Administrator of the network" is using.
I personally want to see where my peoples are going, and I can and will, everyday as I said, I have a detailed report sent to me automatically from my proxy server on where my peoples have gone for that day..
Proxy's yes are servers setup to "let other computers flow thru it", but it's main purpose is to protect the other computers from hackers by filtering TCP/IP ports that are exposed when surfing, checking email, ftp, gopher and so on. Proxy's are sometimes referred to as firewalls, but there is a fine line. Most proxies usually have firewalls built into them, and most use what is calld NAT. (network Address Translation) similar to DHCP. Anyways, it pays to be an MCSE for 7 years now.. you learn all about this neat kinda stuff.. LOL..

My proxy server is one of the best that money can buy, it actually encripts data that leaves all my TCP/IP ports, but still my Public EYE P number is out there... I am telling you the only way to hide an EYe P effectively is to IP spoof.. trust me on this one guys. No proxy server will help you with that, even if the EYE P is not pingable, or even if you turn off all "echo's" on your proxy, it is still out there.. There is no safe place on the Internet, not from waht I have seen with my very own eyes and my years of experience into this kind of thing.
Sorry again for the long post, but there are alot of misconceptions about this debate, but ask any IT guy that knows TCP/Eye P protccol and will tell you the exact same thing, I guarantee it. I specialized in TCP/eye P on my MCSE, and I can show you a whole lot of neato things you can do with it.. LOL.. and no I can't hack and will not hack a website for you. LOL..