Security Basics mailing list archives

RE: Traces

From: Fernando Gont <fernando () gont com ar>
Date: Tue, 06 Jan 2004 10:35:44 -0300

At 11:26 05/01/2004 -0800, Shawn Jackson wrote:

        Personally I think this would only be, slightly, useful when
automated and even then multiple sites off your network, backbone even,
have to be under attack. Additionally it has to be from one system, or
group of systems on the same netblock (CIDR or Subnet), which isn't too
likely in this day-in-age.

Do you mean they should be in the same netblock in order to be practicable,or what?

        Besides a corporate network or controlled networking environment
I can't see this being too terribly useful. But then again this is
coming from the guy who wants to beat script-kiddies up with a clue bat.
Ending spoofing would be extremely useful, or at least finding out a way
to locate the attackers when spoofing is being employed. Does IPv6 solve
this issue? Personally I haven't had time to fully inspect the protocol.

Unfortunately, things like mobile-IP requires hosts to "legally" spoof IPaddresses.This "spoofing" is required as there are problems in the Internetarchitecure that have not been solved.

I'm going to head to B&N sometime this week and see if they have that
book, has anyone read it, is it any good?

I've read both the first and second editions (I think there's a thirdedition by now).

It's interesting. You'll enjoy reading it.

(I've found some technical errors, and sometimes I got the feeling that theauthours get too excited, though)

Now let the Out-Of-Office and
Undeliverable messages come, come to me!!


BTW, I sent an e-mail to the owner of the list, proposing to:

a) Change the Return-Path field so that it points to the mail robot. Thiswould free us from getting "undeliverable message" errors.b) Change the Reply-To field so that it points to the list, rather than theposter of the message. IMHO, replying only to the poster is the exception,*not* the rule.


Let's see what happens....  :-)

Best Regards,


--
Fernando Gont
e-mail: fernando () gont com ar || fgont () acm org



---------------------------------------------------------------------------

Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off anycourse! All of our class sizes are guaranteed to be 10 students or less.We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,and many other technical hands on courses.Visit us at http://www.infosecinstitute.com/securityfocus to get $720 offany course!----------------------------------------------------------------------------

Current thread:

RE: Traces, (continued)
- - RE: Traces Fernando Gont (Jan 02)
    - Re: Traces Jimi Thompson (Jan 05)
    - Re: Traces Meritt James (Jan 05)
    - Re: Traces Fernando Gont (Jan 06)
- RE: Traces Fernando Gont (Jan 02)
- RE: Traces Shawn Jackson (Jan 02)
- RE: Traces Meidinger Chris (Jan 05)
  - RE: Traces Fernando Gont (Jan 06)
- RE: Traces Shawn Jackson (Jan 05)
  - Re: Traces Meritt James (Jan 05)
  - RE: Traces Fernando Gont (Jan 06)
- RE: Traces Shawn Jackson (Jan 06)
- RE: Traces Fernando Gont (Jan 19)
- RE: Traces Shawn Jackson (Jan 19)