Snort mailing list archives
Re: IP spoofing
From: O-Zone <liste () zerozone it>
Date: Fri, 8 Oct 2004 11:25:42 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 07 October 2004 21:01, Aguiar Magalhaes wrote:
Hi snorters, I'm receiving a lot of PING NMAP alerts... The source IPs are spoofed How can I to know the true source IP of these attacks ??
Maybe the person that scans you with nmap use decoy options (-D) that allow to use multiple "spoofed" IP and only one of this is "real" (i.e. IP of people that doing scan). Good luck ! - -- Il pensiero e' cosa che con piccolissimo corpo sa compiere divinissime cose. -- Gorgia -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBZl0YYuBSFbgkEysRAku9AJ4jUxQdch5zhMI/YgWU/kUMNKK7+ACfQBmw Ak15u6NU5TNwCD0o5MMdFhI= =+PDc -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- IP spoofing Aguiar Magalhaes (Oct 07)
- Re: IP spoofing Matt Kettler (Oct 07)
- Help with windows XP pro Mario Guerendo (Oct 07)
- Re: Help with windows XP pro Paul Martin (Oct 08)
- RE: Help with windows XP pro Michael Steele (Oct 08)
- Re: Help with windows XP pro Paul Martin (Oct 08)
- Re: IP spoofing O-Zone (Oct 08)
- Re: IP spoofing Jose Maria Lopez (Oct 10)