UGN Security
Posted By: Soap What's in the box...I mean kernel? - 05/07/02 02:07 PM
So My kernel (apparently) doesn't support IP_masquerading, so how would I know?

And how would I go about checking out what my kernel DOES have? IE: modules installed.. (corect terminology?)

thx
Posted By: Soap Re: What's in the box...I mean kernel? - 05/09/02 02:42 PM
ok I looked into it realizing also i might not have been all that clear ;-)

well at the time off compiling a new kernel, you make rmproper, then when u get to make config/mencuconfig/xconfig , thats' the part you choose what your kernel has I every domain.

then the monolitik/modular kernel thing determinies whether or not u can add modules.
Now these would be the modules I see with an lsmod right.

Now i talking about the **** done at compile time (config time really).
Once in a shell working on your kernel, how would you check what your kernel supports and doesn't. re-run make config?? NAh...
Posted By: ? Re: What's in the box...I mean kernel? - 05/09/02 04:28 PM
Your Kernel does not have anything to do with IP masquerading. A lot of people get it twisted, IP spoofing is a complex topic. The way it works is you have to send raw packets and change the source IP in the header by yourself. but of course, when you change the source IP you will not recieve the syn/ack packets so you won't know if the remote computer has accepted your connection. it's really jus shooting in the dark but it does not have anything to do with ur kernel. as long as raw sockets are supported (any OS except the older Windows and Mac OS 9 and below I think) you're in good shape.
Posted By: hKzKnight Re: What's in the box...I mean kernel? - 05/09/02 05:07 PM
I can say, update your kernel, yet it should have nothing to do with it. ? is right, also it can be if you are running a firewall (not sure). What distro you got and what program.
Posted By: Soap Re: What's in the box...I mean kernel? - 05/10/02 08:56 AM
look, I think you got me wrong ? I'm no lokking to try and spoof my IP, and I know about all that thx.

I am talking in the capacity of the kernel in The IP protocol. That is, masquerading, and redirect (proxying....).

Has anyone here ever copmpiled a kernel??

using ipchains for example to redirect or proxy then the kernel must havecertain options....(chosen when compiling it)

do u understand me? (and my question)
Posted By: pergesu Re: What's in the box...I mean kernel? - 05/10/02 12:09 PM
I think Soap's asking more about how to set up his box to work as a gateway or a router for his network, not spoofing. You're best bet would be to check out the Linux Router Project, found at www.linuxrouter.org Unfortunately the server is down at the moment, so I can't get the exact link for setting up your box as a router/gateway. I also found a pretty good page with instructions on setting it up, it can be found at http://www.escalix.com/freepage/doggerdog/freesco/ The guy uses the Freesco distro, but you can use whatever unix you want.
Posted By: hKzKnight Re: What's in the box...I mean kernel? - 05/10/02 07:21 PM
Well if that is the case, he should have said that. He got us l05t at first :+). Well I can look it up in my lib or my mags, yet www.linuxrouter.org is a wonderful website. So are any other websites I have posted in the forum. No, I have not compiled a kernel, maybe a general (jk), yet I've debugged them for fun and looked at some scources. (that was just a side note) Also what distro do you have? Sometimes one is better then another to do such, Red Hat would be a fine choice for a gateway or SuSe.
Posted By: Soap Re: What's in the box...I mean kernel? - 05/12/02 06:34 PM
Well u understand what I'm doing currently (router,etc) yet my question is more general.

I'm looking for a way (thru shell => shell command?) to find what my kernel supports and doesn't. That is, what it was configurated w/t @ compile-time.

*including...IP_MAQSQUERADING=Y hopefully*

any1 know a way??

*looking inoccently at the linux d00d...*
Posted By: PolPot Re: What's in the box...I mean kernel? - 05/13/02 02:49 AM
If you AREN'T SURE if your Linux distribution is MASQ ready, do the following:

I think the command is ls /proc/sys/net/ipv4 .

With 2.4.x kernels (look for most of the following entries out of the much longer list):
ip_dynaddr

ip_forward

And for 2.2.x kernels:

ip_always_defrag

ip_dynaddr

ip_forward

ip_masq_debug

ip_masq_udp_dloose

Running "ls /proc/net"


ip_fwchains

ip_fwnames

ip_masquerade


Running "ls /proc/net/ip_masq"


app

icmp

icq

mfw

portfw

tcp

udp

Hope this helps out, in some way or another.
Posted By: sinetific Re: What's in the box...I mean kernel? - 05/13/02 03:36 AM
As root type "kernelversion" it will tell you what version number your kernel is. Look up if that version supports what your looking for. I think starting at 2.4 and up all suport ip masqerading. As for what its compiled with....you dont know what you compiled? If you compiled your kernel yourself you should know what you compiled onto it I guess, I dont mean to sound like a dick about it.
Posted By: Soap Re: What's in the box...I mean kernel? - 05/13/02 07:41 AM
SAAAAAAAAAAAAAAAAAAAAFE !!! laugh laugh

thx 4 the info polpot

ow sinetific, well yeah I compiled the kernel kernel but thru the GUI will installing the thing th first time...U know how it is...u don't choose...
© UGN Security Forum