[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sheflug] Re: Security : Port scanning
On Thu, 8 May 2003 12:20:30 +0100 (BST)
"Chris J" <cej [at] nightwolf.org.uk> wrote:
>
> And Lo! Tthe Great Prophet " M" uttered these words of wisdom...
> > Richard Ibbotson <richard [at] sheflug.co.uk> wrote:
> >
> >>
> >> Lot of scanning going on from spoofed and falsified addresses.
> >
> > Spoofing an adress for port scanning isn't likely to be of much
> > use as you can't see the results coming back or am I missing
> > something?
>
> Well, it is possible to put source routing in an IP header, so a
> spoofed packet can get back if there's a route it can follow. I don't
> know how many routers drop source routed packets these days --
> certainly border gateways and bastions /should/ drop source routed
> packets, as their origin is unknown and could be hostile.
I understand most routers on the internet are configured to ignore
source routed information, they route according to the destination
address only.
> Spoofing is much better for DOS and DDOS attacks. You don't care about
> the return packets, and if anything spoofing an IP address can help
> the DOS as the target's machine, or the immediate downstream router
> may end up generating ICMP packets saying "host/protocol/route
> unrechable", giving the attacker 2 network packets for the price of 1.
Agreed, such as smurf attacks..
--
Regards,
M
Martin Sillence
PR Newswire
DL +44 (0)1865 78 5065
F +44 (0)1865 78 5100
W www.prnewswire.co.uk
---------------------------------------
"We tell your story to the world."
NEWS TARGETING * REGULATORY & GLOBAL NEWS DISTRIBUTION * MULTIMEDIA *
NEWS MONITORING
Any views or opinions are solely those of the author and do not
necessarily represent those of PR Newswire Europe. The e-mail contents
are intended only for addressee and may contain confidential and/or
privileged material. If you are not the intended recipient, please do
not read, copy, use or disclose this communication
___________________________________________________________________
Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html
GNU the choice of a complete generation.