Concur. Two reasons, off-hand. 1. Neat way to DDoS site is the hit a few thousand sites with a spoofed return address. All thousand sites then go back to one box - which then dies. Works with superping nicely.
2. Infinite loop. Consider the old 'finger' situation. 'nuff said? Jim Byrne Ghavalas wrote: > > Hi, > > I wouldn't recommend writing a script to 'automatically scan them back', > for several reasons. The most obvious reason is that some scans are > simply spoofed. If a script 'automatically scanned them back', it would > be quite easy to get the script to scan innocent sites. -- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566
