Penetration Testing mailing list archives

DoS/DDoS Attack

From: Faisal Khan <faisal () netxs com pk>
Date: Fri, 14 Jan 2005 11:06:25 +0500



Folks,

Two quick questions.

When IP (Source) addresses are spoofed, is there no way of determining (a)that the IP Source Addresses is spoofed and not the genuine one (b) to beable to determine the actual IP address that is sending DoS packets?

Somehow I get the feeling I'm SOL when trying to find out the"genuine/actual" source IP address.

If this is the case, then pretty much we all are helpless with DoS/DDoSattacks - considering one can write a script/program to keep incrementingor randomly assigning spoofed source addresses in the DoS packets beingsent out.


Faisal





Faisal Khan,  CEO
Net Access Communication
Systems (Private) Limited
________________________________

Network Security - Secure Web Hosting
Managed Internet Services - Secure Email
Dedicated Servers - Reseller Hosting

Visit www.netxs.com.pk for more information.

Current thread:

OWASP NYC CHAPTER MEETING - JANUARY 25 Stan Guzik (Jan 07)
- Message not available
  - Windows based DoS Tools? Faisal Khan (Jan 10)
    - RE: Windows based DoS Tools? rzaluski (Jan 10)
    - Message not available
    - RE: Windows based DoS Tools? Faisal Khan (Jan 11)
    - Re: Windows based DoS Tools? Jules Rogers (Jan 12)
    - Re: Windows based DoS Tools? Don Bailey (Jan 13)
    - DoS/DDoS Attack Faisal Khan (Jan 14)
    - Re: DoS/DDoS Attack Nazareno Vicente Feito (Jan 14)
    - Message not available
    - Re: DoS/DDoS Attack seditiosus (Jan 14)
    - Re: DoS/DDoS Attack Steve Friedl (Jan 15)
    - Re: DoS/DDoS Attack Alexander Klimov (Jan 15)
    - RE: DoS/DDoS Attack Alex R (Jan 15)
    - RE: DoS/DDoS Attack Edward Sohn (Jan 14)
    - Message not available
    - RE: DoS/DDoS Attack Faisal Khan (Jan 15)
    - Re: DoS/DDoS Attack Erik A. Onnen (Jan 17)
    - Re: DoS/DDoS Attack Steven (Jan 17)
    - Re: DoS/DDoS Attack Rogan Dawes (Jan 17)

(Thread continues...)