Hi, I think you are right Jaap. Spoofing would only be possible when the virus has connections to a server at another IP adres from where it sends messages. As that would be closed fast, such a virus cannot live very long.
The IP adres is of the listserver. Can't it be configured so the IP adres of the originator stays visible? Regards, Pieter Hoeben Date sent: Fri, 20 Jan 2006 18:32:19 -0800 To: Multiple recipients of list CHIPDIR-L <CHIPDIR- [EMAIL PROTECTED]> Send reply to: [email protected] Organization: Fat City Network Services, San Diego, California > Hi Alex, > > At 2006-01-20 21:27, Alexandre Souza wrote: > >> I don't think that the IP number can be faked > >> because any computer receiving mail from another > >> computer has to be connected to that other > >> computer via the IP number of the other > > > >IP spoofing is a very common techinique. > > I did some research using Google and here > > http://www.iss.net/security_center/advice/Underground/Hacking/Methods/Technical/Spoofing/default.htm > > it says: > > 'A common misconception is that "IP spoofing" can be used to hide your IP > address while surfing the Internet, chatting on-line, sending e-mail, and so > forth. This is generally not true. Forging the source IP address causes the > responses to be misdirected, meaning you cannot create a normal network > connection.' > > (And what else would the purpose of spoofing be other > than hiding your IP address.) > > Here is a technical description of spoofing: > > http://www.securityfocus.com/infocus/1674 > > I think that from the description of the > Simple Mail Transfer Protocol (SMTP) > > http://www.faqs.org/rfcs/rfc821.html > > it's clear that it's using TCP and not IP > and therefore it's hard to break into an > email dialog between two systems and especially > to make sure that you can replace the first > block of the email and without that first > block it's quite useless. > > Furthermore that it's hard if not impossible > to break into a dialog between two computers > who aren't on your own local network. A local > network like that of an internet provider and > it's clients or a local business network. > > But I'm not an expert... > > Greetings, > Jaap > > -- > Author: Jaap van Ganswijk > INET: [EMAIL PROTECTED] > > Fat City Hosting, San Diego, California -- http://www.fatcity.com > --------------------------------------------------------------------- > To REMOVE yourself from this mailing list, send an E-Mail message > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > the message BODY, include a line containing: UNSUB CHIPDIR-L > (or the name of mailing list you want to be removed from). You may > also send the HELP command for other information (like subscribing). > > ______________________________________________ Hoeben Electronics Phone: +31 6 51590081 Ronkert 44 Fax: +31 13 5096025 5094 EW Lage Mierde Private: +31 13 5096200 The Netherlands E-mail: [EMAIL PROTECTED] http://www.hoeben.com Skype: HoebenElectronics ______________________________________________ -- Author: Pieter Hoeben INET: [EMAIL PROTECTED] Fat City Hosting, San Diego, California -- http://www.fatcity.com --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB CHIPDIR-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
