Using Linux IP masquerading to guard against hackers

Source: Internet
Author: User
Firewalls can be divided into several different security levels. On Linux, because there are many different firewall packages to choose from, security can range from low to high, and the most sophisticated software can provide almost impenetrable protection. However, the Linux kernel itself has a simple mechanism called "IP masquerading". Apart from the most specialized hacker attacks, it can withstand the vast majority of attacks.

When we dial up to the Internet, our computer is assigned an IP address so that others on the Internet can send information back to it. Hackers use your IP address to access information on your computer. The "IP masquerading" method used in Linux hides your IP address and prevents others from seeing it on the network. Several groups of IP addresses are specially reserved for use by local networks, and Internet backbone routers do not recognize them. For example, the IP address of the author's computer is 192.168.1.127. If you enter this address in your browser, you receive nothing, because the Internet backbone does not recognize 192.168.X.X addresses. Countless computers on other intranets use the same IP address. Because you cannot reach it at all, you cannot intrude into it or crack it.

Solving the security problem on the Internet therefore seems to be a simple task: you just need to choose an IP address for your computer that no one else can reach. Wrong! When you browse the Internet, the server also needs to send data back to you, otherwise you will not see anything on the screen, and the server can only return data to a valid IP address registered on the Internet backbone.

"IP masquerading" is the technology used to solve this dilemma. When a computer running Linux is set up to use "IP masquerading", it bridges the internal and external networks and automatically translates IP addresses from the inside out and from the outside in. This operation is usually called network address translation.

In fact, "IP masquerading" is more complex than described above. Basically, the "IP masquerading" server sits between two networks. If you use an analog dial-up modem to access data on the Internet, that is one of the networks. Your intranet usually corresponds to an Ethernet card, which is the second network. If you are using DSL or a cable modem, the system will have a second Ethernet card instead of the analog modem. Linux can manage every IP address on these networks. Therefore, if you have a Windows computer (IP address 192.168.1.25) on the second network (Ethernet eth1) that needs to reach the Internet through a cable modem (207.176.253.15, Ethernet eth0), Linux's "IP masquerading" intercepts all TCP/IP packets sent from your browser, extracts the original local address (192.168.1.25), and replaces it with the real address (207.176.253.15). Then, when the server returns data to 207.176.253.15, Linux automatically intercepts the return packet and fills in the correct local address (192.168.1.25).

With "IP masquerading", Linux can manage several local computers (such as 192.168.1.25 and 192.168.1.34) and process each packet without confusion. The author has an old 486 computer running Slackware Linux that can simultaneously process packets sent from four computers to a cable modem without reducing the speed.
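The address rewriting described above, for two local machines sharing one public address, can be modelled in a few lines. This is an added example, not code from the original article or from the Linux kernel; the `Masquerader` class, the port base 61000, and the remote addresses are assumptions constructed for illustration, and the model ignores protocols and entry timeouts.

```python
from dataclasses import dataclass

PUBLIC_IP = "207.176.253.15"  # eth0 address from the article
PORT_BASE = 61000             # assumed start of the masquerade port range

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class Masquerader:
    def __init__(self, public_ip=PUBLIC_IP):
        self.public_ip = public_ip
        self.next_port = PORT_BASE
        self.by_flow = {}  # (local ip, local port, remote ip, remote port) -> public port
        self.by_port = {}  # public port -> the same flow tuple

    def outbound(self, pkt):
        """Rewrite a packet leaving the LAN so it carries the public address."""
        flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if flow not in self.by_flow:
            self.by_flow[flow] = self.next_port
            self.by_port[self.next_port] = flow
            self.next_port += 1
        return Packet(self.public_ip, self.by_flow[flow], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        """Restore the local address on a reply; return None (drop) otherwise."""
        flow = self.by_port.get(pkt.dst_port)
        if flow is None or pkt.dst_ip != self.public_ip:
            return None  # nobody inside asked for this packet
        local_ip, local_port, remote_ip, remote_port = flow
        if (pkt.src_ip, pkt.src_port) != (remote_ip, remote_port):
            return None  # not the peer the local host contacted
        return Packet(pkt.src_ip, pkt.src_port, local_ip, local_port)

def demo():
    nat = Masquerader()
    web = ("203.0.113.80", 80)  # constructed remote server (documentation range)
    a = nat.outbound(Packet("192.168.1.25", 1025, *web))
    b = nat.outbound(Packet("192.168.1.34", 1025, *web))
    reply_a = nat.inbound(Packet(*web, a.src_ip, a.src_port))
    reply_b = nat.inbound(Packet(*web, b.src_ip, b.src_port))
    stray = nat.inbound(Packet("198.51.100.9", 4444, PUBLIC_IP, 139))
    return a, b, reply_a, reply_b, stray

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Both local hosts use the same source port, yet each reply is routed back to the right machine because the table keys on the rewritten public port; the unsolicited packet has no table entry and is dropped, which is where the protection comes from.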

Before the second version of the kernel, "IP masquerading" was managed by the IP forwarding administration module (IPFWADM, "IP fw adm"). Although the second version of the kernel provides the faster and more sophisticated IPCHAINS, it still provides an IPFWADM wrapper to maintain backward compatibility. Therefore, the author takes IPFWADM as the example in this article to describe how to set up "IP masquerading" (you can go to http: // scheme ).

In addition, some applications, such as RealAudio and CU-SeeMe, use non-standard packets and require special modules. You can also obtain the relevant information from the website above.

The author's server has two Ethernet cards, which are assigned to eth0 and eth1 respectively at kernel boot. Both are jumperless SN2000 ISA adapter cards, and most Linux systems recognize them. The initialization steps for the author's Ethernet network are set in rc.inet1. The command is as follows: