also see:
http://www.kyuzz.org/antirez/hping2.html
by:
[EMAIL PROTECTED]
Thanks,
Ron DuFresne
On Tue, 21 Dec 1999, Parker, Gary W wrote:
> Eric Johnson <[EMAIL PROTECTED]> said ...
>
> > "Parker, Gary W" wrote:
> > > Retaliation is not the proper response to attacks, real or perceived.
> > > Remember that you propose to spoof the attacker's address in your
> response.
> > > The attack itself could well have been made using a spoofed address, and
> you
> > > will in effect be further victimizing someone who is already themselves
> a
> > > victim.
> >
> > I'm not clear on what a port scan accomplishes with a spoofed address
> > unless it is just to make you think you're being scanned from elsewhere.
> > If you're being scanned from a spoofed address, then whoever is trying to
> > find a vulnerability will never know the result, right?
> >
>
> One attack like this was reported at
> http://www2.merton.ox.ac.uk/~security/archive-199806/0233.html
>
> Possible reasons someone might do this would be to hide the logging of a
> lower octane attack within reams of logging for the scan. Another reason is
> to cause a legitimate resource to be blocked. If a few major ISP's block an
> e-commerce site (see Apple.com article referenced above), it could result in
> significant lost revenue.
>
> -GWP
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
