From nobody Thu Feb 02 14:38:46 2023
X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4P71cz55fzz3fJnH
	for <freebsd-security@mlmmj.nyi.freebsd.org>; Thu,  2 Feb 2023 14:38:59 +0000 (UTC)
	(envelope-from sambuddho@iiitd.ac.in)
Received: from mail-qt1-x834.google.com (mail-qt1-x834.google.com [IPv6:2607:f8b0:4864:20::834])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4P71cz1W7lz4Zt2
	for <freebsd-security@freebsd.org>; Thu,  2 Feb 2023 14:38:58 +0000 (UTC)
	(envelope-from sambuddho@iiitd.ac.in)
Authentication-Results: mx1.freebsd.org;
	none
Received: by mail-qt1-x834.google.com with SMTP id m12so2009601qth.4
        for <freebsd-security@freebsd.org>; Thu, 02 Feb 2023 06:38:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=iiitd.ac.in; s=google;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=SYhzbjvru+9I/UixmM/3SyVf1buPqbOW7h2mRgdSlz0=;
        b=Fo53AdNT0Itu+YnJoWc38ZpUYGcRO7jq5v0SM1i6Jt0jQhXoHWeNDEHVoj7UwY1YpV
         5HLZ6+zs8DEfvaR7u4TeJkNs8W+st8YBScIY8XOWnDpLmM27X5VASmhHrtbNvCVPQ+J1
         VeCG7FlP2LKIaXakvvDseZRWfpcT/1cEZZvdo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=SYhzbjvru+9I/UixmM/3SyVf1buPqbOW7h2mRgdSlz0=;
        b=G7qkii230Qgan1xyviPG4t4JFESIg469duDHsHu4tVdK4yrh87oIAabOXeWOL0baNp
         r/Cuy5I9sbpCJpv5Nx/4y/xO/3ksOnMzZcEfush9c30Ixt2+zd+8HLg//lp+mg4vISIP
         UBsxlARgy/FkjdGGW5ke+tlWcrtM2dTg/d0nKwMah7O4eJL8sXKcRnVo9LuEaL4VMT56
         1PSCEaY+a915ejrUZZf8g4XhNjcRllfWGkgB+qtr4ZBss6+ZJ8d4Q2vlCyi+1i2yaIc8
         ASmKrwfr+UD0AjMBhlajXO6wkoWC62Tw//Soq/rAJO9BCq2xfODcxr7CRsHZ6MH9XT1Y
         DB+Q==
X-Gm-Message-State: AO0yUKX/f8A73T+tPdqBcO+mjotFM+rFRACoz8irrZRKvH0oSkknjC5+
	aI78NNyVqg8c+GEISJ4ooKKPJcswXBCpVCgAANwiC0nJ1UClc52+
X-Google-Smtp-Source: AK7set+f7FCwLxzEMA8URIsdhcPQCOHDgmH59tq2THpVunObWTKt6bAQFLTvVvvgayyV70Y2tEM4WHZrQq3UCwphWrk=
X-Received: by 2002:ac8:5846:0:b0:3b9:b9e1:3335 with SMTP id
 h6-20020ac85846000000b003b9b9e13335mr586747qth.314.1675348737953; Thu, 02 Feb
 2023 06:38:57 -0800 (PST)
List-Id: Security issues <freebsd-security.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-security
List-Help: <mailto:freebsd-security+help@freebsd.org>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Subscribe: <mailto:freebsd-security+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-security+unsubscribe@freebsd.org>
Sender: owner-freebsd-security@freebsd.org
X-BeenThere: freebsd-security@freebsd.org
MIME-Version: 1.0
References: <CAK1-MKcNetGHrg5VpHpmrE+XDf+Svn1pp-rWd+TzU9ay76frfw@mail.gmail.com>
 <Y9u6yyIfz8nHpb5c@DataIX.net>
In-Reply-To: <Y9u6yyIfz8nHpb5c@DataIX.net>
From: Sambuddho Chakravarty <sambuddho@iiitd.ac.in>
Date: Thu, 2 Feb 2023 20:08:46 +0530
Message-ID: <CAK1-MKfXrogVdFWRO8ifQtn6HHq-CXBg2oHYC05VKjc3V+v6vw@mail.gmail.com>
Subject: Re: help regarding IP address spoofing (when using nmap)
To: jhellenthal@dataix.net
Cc: freebsd-security@freebsd.org
Content-Type: multipart/alternative; boundary="00000000000066ad0d05f3b8860b"
X-Rspamd-Queue-Id: 4P71cz1W7lz4Zt2
X-Spamd-Bar: ----
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-ThisMailContainsUnwantedMimeParts: N

--00000000000066ad0d05f3b8860b
Content-Type: text/plain; charset="UTF-8"

It was running as root only...

Also, no the address didn't belong to the interface,  and I was spoofing
it...

So is there no way to spoof packet IP addresses ?

On Thu, 2 Feb 2023, 18:59 J. Hellenthal, <jhellenthal@dataix.net> wrote:

> On Thu, Feb 02, 2023 at 04:19:57PM +0530, Sambuddho Chakravarty wrote:
> >    Hi All
> >     I am a relatively newbie to FreeBSD (earlier was running
> >    Linux). I am running FreeBSD 13.1.
> >    I am trying to run nmap with source IP address spoofing
> >    (for some academic purposes). It works fine with Linux
> >    but on FreeBSD I get the following error:
> >    # nmap -e re0 -S 192.168.17.92 -sS 143.110.249.18  -p 8080 -Pn
> >    Starting Nmap 7.93 ( https://nmap.org ) at 2023-02-02 16:04 IST
> >    NSOCK ERROR [0.0170s] mksock_bind_addr(): Bind to 192.168.17.92:0
> failed
> >    (IOD #1): Can't assign requested address (49)
> >    NSOCK ERROR [0.0170s] mksock_bind_addr(): Bind to 192.168.17.92:0
> failed
> >    (IOD #2): Can't assign requested address (49)
> >    It works fine without the source spoofing but doesn't when I use
> >    it. I can however use my own machine's source IP address with
> >    the '-S' option.
> >    --
> >    best,
> >    sambuddho
>
> sudo(8) or su(1) ?
>
> An address should also be assigned to a interface for it to be bound to.
>
> --
> The fact that there's a Highway to Hell but only a Stairway to Heaven says
> a lot about anticipated traffic volume.
>

--00000000000066ad0d05f3b8860b
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"auto">It was running as root only...<div dir=3D"auto"><br></div=
><div dir=3D"auto">Also, no the address didn&#39;t belong to the interface,=
=C2=A0 and I was spoofing it...</div><div dir=3D"auto"><br></div><div dir=
=3D"auto">So is there no way to spoof packet IP addresses ?</div></div><br>=
<div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Thu, 2 =
Feb 2023, 18:59 J. Hellenthal, &lt;<a href=3D"mailto:jhellenthal@dataix.net=
">jhellenthal@dataix.net</a>&gt; wrote:<br></div><blockquote class=3D"gmail=
_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:=
1ex">On Thu, Feb 02, 2023 at 04:19:57PM +0530, Sambuddho Chakravarty wrote:=
<br>
&gt;=C2=A0 =C2=A0 Hi All<br>
&gt;=C2=A0 =C2=A0 =C2=A0I am a relatively newbie to FreeBSD (earlier was ru=
nning<br>
&gt;=C2=A0 =C2=A0 Linux). I am running FreeBSD 13.1.=C2=A0<br>
&gt;=C2=A0 =C2=A0 I am trying to run nmap with source IP address spoofing=
=C2=A0<br>
&gt;=C2=A0 =C2=A0 (for some academic purposes). It works fine with Linux=C2=
=A0<br>
&gt;=C2=A0 =C2=A0 but on FreeBSD I get the following error:<br>
&gt;=C2=A0 =C2=A0 #=C2=A0nmap -e re0 -S 192.168.17.92 -sS 143.110.249.18=C2=
=A0 -p 8080 -Pn<br>
&gt;=C2=A0 =C2=A0 Starting Nmap 7.93 ( <a href=3D"https://nmap.org" rel=3D"=
noreferrer noreferrer" target=3D"_blank">https://nmap.org</a> ) at 2023-02-=
02 16:04 IST<br>
&gt;=C2=A0 =C2=A0 NSOCK ERROR [0.0170s] mksock_bind_addr(): Bind to <a href=
=3D"http://192.168.17.92:0" rel=3D"noreferrer noreferrer" target=3D"_blank"=
>192.168.17.92:0</a> failed<br>
&gt;=C2=A0 =C2=A0 (IOD #1): Can&#39;t assign requested address (49)<br>
&gt;=C2=A0 =C2=A0 NSOCK ERROR [0.0170s] mksock_bind_addr(): Bind to <a href=
=3D"http://192.168.17.92:0" rel=3D"noreferrer noreferrer" target=3D"_blank"=
>192.168.17.92:0</a> failed<br>
&gt;=C2=A0 =C2=A0 (IOD #2): Can&#39;t assign requested address (49)<br>
&gt;=C2=A0 =C2=A0 It works fine without the source spoofing but doesn&#39;t=
 when I use<br>
&gt;=C2=A0 =C2=A0 it. I can however use my own machine&#39;s source IP addr=
ess with<br>
&gt;=C2=A0 =C2=A0 the &#39;-S&#39; option.<br>
&gt;=C2=A0 =C2=A0 --<br>
&gt;=C2=A0 =C2=A0 best,<br>
&gt;=C2=A0 =C2=A0 sambuddho<br>
<br>
sudo(8) or su(1) ?<br>
<br>
An address should also be assigned to a interface for it to be bound to.<br=
>
<br>
-- <br>
The fact that there&#39;s a Highway to Hell but only a Stairway to Heaven s=
ays a lot about anticipated traffic volume.<br>
</blockquote></div>

--00000000000066ad0d05f3b8860b--