Vulnerability Development mailing list archives
Re: Networking theories
From: BlueBoar () THIEVCO COM (Blue Boar)
Date: Sun, 7 May 2000 21:27:35 -0700
Just as a thought, if such a DoS was so difficult, why would I be logging lots of ICMP Type 3 packets at my firewall from IP's that have not been connected to? The most recent one (involving approx 200 packets over a few seconds) was supposedly from 10.240.x.x, not even available on my internal network. Quite obviously these packets are spoofed, but if their is no real way to D0S a system with them, why would someone spoof them? Unfortunately, using Windows 9x, I am unable to give you tcp dumps of the packets....if anyone knows of a program to do this, please let me know.
Any router between two nodes may generate ICMP unreachable messages. Kinda broken IMNSHO.. firewalls have no idea what IP to expect such messages from under those circumstances. BB
Current thread:
- Re: Networking theories, (continued)
- Re: Networking theories J . Phillips (May 08)
- DoS Local machines Jason (May 07)
- Re: DoS Local machines Jonathan Williams (May 07)
- Re: DoS Local machines Seth R Arnold (May 07)
- Re: DoS Local machines Arturo Busleiman (May 10)
- Re: DoS Local machines TeeSPy (May 11)
- Re: DoS Local machines Jason (May 10)
- Re: DoS Local machines Barclay Osborn (May 11)
- Re: Networking theories Helmethead (May 07)
- Re: Networking theories Dragos Ruiu (May 07)
- Re: Networking theories Blue Boar (May 07)
- Re: Networking theories Dug Song (May 08)
- Automatic Retaliation contra DoS sigipp () WELLA COM BR (May 09)
- Re: Automatic Retaliation contra DoS Weston Pawlowski (May 17)
- Re: Automatic Retaliation contra DoS Michael H. Warfield (May 17)
- Re: Automatic Retaliation contra DoS Weston Pawlowski (May 17)
- Re: Automatic Retaliation contra DoS Michael H. Warfield (May 18)