Author: whichway, Posted: Thu Nov 14, 2002 11:09 pm Post subject: Spoofing question.. [ Vhosts - BNC - PsyBNC ] ---- Hi all,
I was wondering if anyone could provide me with the *basic* theory behind spoofing hostname while on IRC.
Example..
bubba @ dhcp-0009.someisp.com - normal
bubba @ runs.from.the.cops.com - spoofed
*I think* (please correct/add/subtract) it involves a personal (or hacked) DNS server and a valid domain name. When the IRC requests the information from the DNS server, it simply dumps fake information which in turn is processed as legit information.
Thanks.
Author: ShaolinTiger, Location: Kuala Lumpur, MalaysiaPosted: Thu Nov 14, 2002 11:21 pm Post subject: ---- Hiya whichway, welcome aboard.
I'm afraid it sounds like whoever you've been listening to has been feeding you bullshit.
You are way off track.
It's totally legal and if some using a host like that has told you some shit like that they are lying and trying to look like they h4x0red a name server *cough bullshit*
Basically they are just using a BNC (bouncer) or PsyBNC (known sometimes as datapipes) which means you connect to IRC via another machine, therefore IRC shows the host you connect to rather than your own.
To get a funky name like i.spank.the.ircops.com you just buy a shell (about $5 a month nowdays) and use that.
Author: chris, Location: ~/security-forumsPosted: Fri Nov 15, 2002 11:35 am Post subject: ---- Ive seen someone on irc using a nice owned BT subdomain, which was quite a good one,