Cybersecurity

Hi everyone,

I am a new comer in this forum.

When I try to send email in my Linux machine with command "mail" or "sendmail", I always find it include the IP address of my machine in the email header. Does anybody know how to eliminate this IP address or replace it with a fake one in the email header?

Thanks!

Eddie

There are many code examples in the Internet to do this. Try a search for voodoo and UNIX. voodoo is UNIX code that does what your are looking for and more.

voodoo.c

More to the point, why would you need to do this? The headers are there for a reason. Only spammers would want to hide their IP address, and if thats what you are doing then you are certainly not welcome here.

I can't think of any legitimate reasons to spoof your IP...please post here if you have one.

actually I can come up with a few legitimate reasons why you would want to hide your IP.. my systems been tampered with several times because of my IP address spreading around... sometimes the ability to hide your IP is a good way of hacking pervention.. then again.. he could be a spammer...



,AP

Security through obscurity never works. Take CodeRed for example, your IP does not need to be published anywhere, and your machine is still a potential target. My DSL-connected Linux machine is port-scanned and probed pretty regularly -- and I am not special, and do not "advertise" my IP anywhere. One interesting example is from Project Honeynet. They connected a default RedHat 6.2 (this was some time ago) install to the net, and it was rooted within 15 minutes! Just because you don't "spread" your IP around, does not make you safe in the least. My "well-known" IP address receives just as much attention from potential crackers as my "secret" one...

The solution to your problem is a good firewall, and diligent monitoring of the log files that it produces, not spoofing of mail headers.

There are lot of good reasons to hide the IP address. PRIVACY. Many people would like to send messages with enhanced privacy services; including confidentiality (encrypted messages) and confidentiality of sending address.

There are hundreds of lawful and completely OK reasons to send email with the assurance of complete privacy. In fact, some consider privacy to be a basic right of the individual.

Granted, there are lots of spammers in the world. However the right to privacy exists (in the minds of many peoples of many countries) and the fact that spammers desire privacy does not dilute the rights of non-spammers for privacy services.

Also, I must take some issue with the broad statment:

.... security by obscurity never works....


Security-by-obscurity is not considered a very secure form of security, but we all use security-by-obsurity every day of our lives. The Department of Defense is the US has many 'obscurity' techniques and processes used to augument security management and security services.

In fact, obscurity can be a great enhancement to a very solid 'non obscurity program'.

For example: take the user name ROOT. I have plenty of servers where we have removed the user name ROOT and replaced it with something else, say 'barbara'. So, someone sniffing the network when you accidently login as 'barbara' might not be so excited because they are looking for 'root'. Of course, the UID is still 0 and 'barbara' is not the name of the superuser. However, a little obscurity can help and does.

Same is true with TELNET. Change the port to something else and port scanners get really confused.

Same is true with SENDMAIL. Change the configuration file to say 'welcome to sendmail version 2.3' and the version is so different than anything in the exploit database that the 'obscurity is very useful'.

Same is true for a login MOTD and getty. Instead of 'Welcome to Linux Version 1.2' many change the TELNET return to read 'Welcome to Fore ATM Switch Fabric' Or even 'Welcome to Microsoft 2000 Professional' ... when you are running UNIX!! The indications and ramifications are obvious.

I totally agree, obscurity is not great, but it does have some nice applications that are useful combined with other stronger methods