Security Incidents mailing list archives

RE: Spider with improbable IP address


From: "Jobe Bittman" <Jobe.Bittman () mitchell com>
Date: Fri, 15 Oct 2004 10:15:18 -0700

It's a valid IP address for a subnet larger than /24. I once got an
x.x.x.0 address on my cable modem. I was so bummed when I had to reboot
a few months later and lost it.

-----Original Message-----
From: Ed Wittmann [mailto:wittmann () sae org] 
Sent: Thursday, October 14, 2004 11:14 AM
To: incidents () securityfocus com
Subject: Spider with improbable IP address



A server I help maintain is currently being spidered, which is not so
unusual - however, I note that the address the spider is coming from
seems weird:

xxx.xxx.xxx.0


Now, I was under the assumption that you can't send and receive on this
address - but the requests come in here, and they're clearly going back
out here. The weblogs show this address.

Could someone cure my ignorance? Is this spoofing? It doesn't seem like
source spoofing since the reply is clearly going back to the same IP
address.
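
The reply's point, that an address ending in .0 is an ordinary host address in a subnet larger than /24, can be checked with Python's `ipaddress` module. This is an added example, not part of the original thread; the function names and the sample log lines (RFC 1918 addresses) are constructed for illustration.

```python
import ipaddress

def role(addr: str, prefixlen: int) -> str:
    """Role of addr inside the subnet of the given prefix length that contains it."""
    ip = ipaddress.IPv4Address(addr)
    net = ipaddress.ip_network(f"{addr}/{prefixlen}", strict=False)
    if prefixlen >= 31:          # /31 (RFC 3021) and /32 reserve nothing
        return "host"
    if ip == net.network_address:
        return "network"
    if ip == net.broadcast_address:
        return "broadcast"
    return "host"

def host_prefixes(addr: str, lo: int = 8, hi: int = 30) -> list[int]:
    """Prefix lengths in [lo, hi] for which addr is an ordinary host address."""
    return [p for p in range(lo, hi + 1) if role(addr, p) == "host"]

def triage(log_lines):
    """Yield (ip, longest prefix where it is a host) for sources ending in .0 or .255."""
    for line in log_lines:
        src = line.split()[0]
        if src.rsplit(".", 1)[1] in ("0", "255"):
            ok = host_prefixes(src)
            yield src, (max(ok) if ok else None)

# Constructed sample access-log lines (RFC 1918 addresses, not from the thread).
SAMPLE = [
    '10.1.3.0 - - [14/Oct/2004:11:02:10 -0400] "GET /robots.txt HTTP/1.0" 200 68',
    '10.1.2.77 - - [14/Oct/2004:11:02:11 -0400] "GET / HTTP/1.0" 200 5120',
    '10.1.2.255 - - [14/Oct/2004:11:02:12 -0400] "GET /a.html HTTP/1.0" 200 901',
    '10.0.0.0 - - [14/Oct/2004:11:02:13 -0400] "GET /b.html HTTP/1.0" 200 77',
]

if __name__ == "__main__":
    for ip, longest in triage(SAMPLE):
        print(ip, "usable host up to /%s" % longest if longest else "never a host for /8../30")
```

A source such as 10.1.3.0 is the network address of its /24 but a normal host inside 10.1.2.0/23, so a .0 or .255 source in a web log is not by itself evidence of spoofing.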

