Re: Syslog - Firewall denys

["Eric Toll" <etoll () syracusesupply com>]

If you had the service as you want it, what would stop people from spoofing another address? nmap is free on 
www.freshmeat.net, and you can chage your address to appear as lets say www.whitehouse.gov, but that is not be the 
correct address, to which the attack is coming from.

I guess what I'm asking is how do you know its not spoofed?


> > > "Andrew Fessler" <Andrew () allegro net> 11/09/99 10:19AM >>>
This is a little bit off topic, but I figure this is the best place to ask this question.

When we see on our firewall a lot of unauthorized traffic from one network or ip address, we contact the netblock 
owners notifying them of this unauthorized activity.

I would like to know if anyone has come up with a formal message to send to the netblock owners, something that may 
hold up in court if ever need be.

I have been a member of this list for sometime now and appreciate all of the different questions that get asked and 
answered. This list has been a great source of information.

TIA.

Andrew
Allegro Inc