Hi,

I think you are right Jaap. Spoofing would only be
possible when the virus has connections to a
server at another IP adres from where it sends
messages. As that would be closed fast, such a virus
cannot live very long. 

The IP adres is of the listserver. Can't it be configured
so the IP adres of the originator stays visible?

Regards,
Pieter Hoeben

Date sent:              Fri, 20 Jan 2006 18:32:19 -0800
To:                     Multiple recipients of list CHIPDIR-L <CHIPDIR-
[EMAIL PROTECTED]>
Send reply to:          [email protected]
Organization:           Fat City Network Services, San Diego, California

> Hi Alex,
> 
> At 2006-01-20 21:27, Alexandre Souza wrote:
> >> I don't think that the IP number can be faked
> >> because any computer receiving mail from another
> >> computer has to be connected to that other
> >> computer via the IP number of the other
> >
> >IP spoofing is a very common techinique.
> 
> I did some research using Google and here
> 
> http://www.iss.net/security_center/advice/Underground/Hacking/Methods/Technical/Spoofing/default.htm
> 
> it says:
> 
> 'A common misconception is that "IP spoofing" can be used to hide your IP 
> address while surfing the Internet, chatting on-line, sending e-mail, and so 
> forth. This is generally not true. Forging the source IP address causes the 
> responses to be misdirected, meaning you cannot create a normal network 
> connection.'
> 
> (And what else would the purpose of spoofing be other
> than hiding your IP address.)
> 
> Here is a technical description of spoofing:
> 
> http://www.securityfocus.com/infocus/1674
> 
> I think that from the description of the
> Simple Mail Transfer Protocol (SMTP)
> 
> http://www.faqs.org/rfcs/rfc821.html
> 
> it's clear that it's using TCP and not IP
> and therefore it's hard to break into an
> email dialog between two systems and especially
> to make sure that you can replace the first
> block of the email and without that first
> block it's quite useless.
> 
> Furthermore that it's hard if not impossible
> to break into a dialog between two computers
> who aren't on your own local network. A local
> network like that of an internet provider and
> it's clients or a local business network.
> 
> But I'm not an expert...
> 
> Greetings,
> Jaap
> 
> -- 
> Author: Jaap van Ganswijk
>   INET: [EMAIL PROTECTED]
> 
> Fat City Hosting, San Diego, California -- http://www.fatcity.com
> ---------------------------------------------------------------------
> To REMOVE yourself from this mailing list, send an E-Mail message
> to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
> the message BODY, include a line containing: UNSUB CHIPDIR-L
> (or the name of mailing list you want to be removed from).  You may
> also send the HELP command for other information (like subscribing).
> 
> 


______________________________________________

 Hoeben Electronics     Phone:   +31 6 51590081
 Ronkert 44             Fax:     +31 13 5096025
 5094 EW Lage Mierde    Private: +31 13 5096200
 The Netherlands        E-mail:  [EMAIL PROTECTED]
 http://www.hoeben.com  Skype:   HoebenElectronics
______________________________________________

-- 
Author: Pieter Hoeben
  INET: [EMAIL PROTECTED]

Fat City Hosting, San Diego, California -- http://www.fatcity.com
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB CHIPDIR-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).

Reply via email to