From: Mike N. 

On Tue, 4 Apr 2006 22:57:32 -0400, "Geo"  wrote:

>Anyone here think they could write a program that could do the following.
>
>I want to create a web page that allows folks to test to see if their ISP is
>spoofable, iow if they filter outbound packets that have a source address of
>something other than is hosted on their networks.

   There can be several cases of false 'green lighting'.  One is from a
Corp user behind a Pix firewall.  They will always get a 'pass' signal
because the local firewall prevents spoofing.  Another is that some NAT
implementations always blindly convert the source address to a local
address before sending to the WAN.   We'd need to test the 99% case
(linksys) to see what works.


>To do this I need some sort of a client side executable that can send a UDP
>packet with a special fixed source address (something on my network would
>work) and the real IP address of the source as the data in the packet to my
>website. On the website side I would need something that can receive this
>packet and determine the real source address from the data then pass that
>off to an access database.

   The relatively easy case is ActiveX, but this would cover only Windows
and IE.   Java is better of course, but I don't know if they offer IP
address spoofing in the Java API.   In any case, the Japplet would probably
require full local privileges to execute.

   These are just thoughts so far ... I am not starting on an
implementation yet.   Anyone else?

--- BBBS/NT v4.01 Flag-5