Snort mailing list archives

Re: IP spoofing


From: O-Zone <liste () zerozone it>
Date: Fri, 8 Oct 2004 11:25:42 +0200

On Thursday 07 October 2004 21:01, Aguiar Magalhaes wrote:
> Hi snorters,
>
> I'm receiving a lot of PING NMAP alerts... The source IPs are spoofed.
>
> How can I know the true source IP of these attacks?

Maybe the person scanning you with nmap is using the decoy option (-D), which
allows the use of multiple "spoofed" IPs, only one of which is "real" (i.e. the
IP of the person doing the scan).

Good luck !

-- 
Thought is a thing that, with the smallest of bodies, can accomplish the most divine things.
                -- Gorgia
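Added example, not part of either poster's message: a decoy scan like the one described in the reply appears in the alert log as the same probe reaching one target from several sources within a fraction of a second. The script below groups constructed Snort fast-alert lines that way; the log layout, year, window and threshold are assumptions, and the output is a candidate set of sources, because the alerts alone do not show which address is the real one.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample alerts in Snort "fast" layout (documentation-range IPs).
_FMT = ("10/07-{t}  [**] [1:469:3] ICMP PING NMAP [**] "
        "[Classification: Attempted Information Leak] [Priority: 2] "
        "{{ICMP}} {src} -> 192.0.2.10")
SAMPLE_ALERTS = [_FMT.format(t=t, src=s) for t, s in [
    ("21:01:03.101000", "198.51.100.7"),
    ("21:01:03.101400", "203.0.113.21"),
    ("21:01:03.101900", "203.0.113.88"),
    ("21:01:03.102300", "198.51.100.200"),
    ("21:07:45.500000", "203.0.113.5"),   # lone ping, minutes later
]]

ALERT_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+\[\*\*\]\s+\[[\d:]+\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\].*?\{\w+\}\s+"
    r"(?P<src>[\d.]+)(?::\d+)?\s+->\s+(?P<dst>[\d.]+)")

def parse(lines, year=2004):
    """Yield (timestamp, message, src, dst); fast alerts carry no year, so one is assumed."""
    for line in lines:
        m = ALERT_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year}/{m['ts']}", "%Y/%m/%d-%H:%M:%S.%f")
            yield ts, m["msg"], m["src"], m["dst"]

def decoy_bursts(alerts, window=timedelta(seconds=1), min_sources=3):
    """Report runs of the same alert against one target from many sources at once."""
    by_key = defaultdict(list)
    for ts, msg, src, dst in alerts:
        by_key[(msg, dst)].append((ts, src))
    bursts = []
    for (msg, dst), events in by_key.items():
        events.sort()
        cluster = [events[0]]
        for ev in events[1:] + [None]:          # None flushes the last cluster
            if ev is not None and ev[0] - cluster[-1][0] <= window:
                cluster.append(ev)
                continue
            sources = sorted({s for _, s in cluster})
            if len(sources) >= min_sources:
                bursts.append({"msg": msg, "dst": dst,
                               "start": cluster[0][0], "sources": sources})
            if ev is not None:
                cluster = [ev]
    return bursts

if __name__ == "__main__":
    for b in decoy_bursts(parse(SAMPLE_ALERTS)):
        print(b["start"], b["msg"], "->", b["dst"], "candidates:", b["sources"])
```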

