Penetration Testing mailing list archives
RE: DoS/DDoS Attack
From: "Wallisch, Philip" <Philip.Wallisch () neustar biz>
Date: Fri, 14 Jan 2005 11:23:20 -0500
I wouldn't say "no way of determining". Check out http://www.riverhead.com/ Through the use of baselines and complicated algorithms you can scrub at least some of that traffic. -----Original Message----- From: Faisal Khan [mailto:faisal () netxs com pk] Sent: Friday, January 14, 2005 1:06 AM To: pen-test () securityfocus com Subject: DoS/DDoS Attack Folks, Two quick questions. When IP (Source) addresses are spoofed, is there no way of determining (a) that the IP Source Addresses is spoofed and not the genuine one (b) to be able to determine the actual IP address that is sending DoS packets? Somehow I get the feeling I'm SOL when trying to find out the "genuine/actual" source IP address. If this is the case, then pretty much we all are helpless with DoS/DDoS attacks - considering one can write a script/program to keep incrementing or randomly assigning spoofed source addresses in the DoS packets being sent out. Faisal Faisal Khan, CEO Net Access Communication Systems (Private) Limited ________________________________ Network Security - Secure Web Hosting Managed Internet Services - Secure Email Dedicated Servers - Reseller Hosting Visit www.netxs.com.pk for more information.
Current thread:
- RE: DoS/DDoS Attack Wallisch, Philip (Jan 14)
- Re: DoS/DDoS Attack Kevin Willock (IGSN Security) (Jan 14)
- <Possible follow-ups>
- RE: DoS/DDoS Attack Josh Walkson (Jan 15)
- RE: DoS/DDoS Attack Gregory D. McPhee (Jan 15)
- RE: DoS/DDoS Attack rzaluski (Jan 17)
- RE: DoS/DDoS Attack FXCM - Brandon Palmer (Jan 17)