Re: Tracing Spoof IP's

To: debian-user@lists.debian.org, cw005e@uhura.cc.rochester.edu
Subject: Re: Tracing Spoof IP's
From: "Rik Johns" <debian1@hotmail.com>
Date: Wed, 19 Nov 1997 00:20:35 PST
Message-id: <19971119082036.953.qmail@hotmail.com>

>From debian-user-request@lists.debian.org Sun Nov 16 15:36:43 1997
>Received: (qmail 23401 invoked by uid 38); 16 Nov 1997 23:32:27 -0000
>Resent-Date: 16 Nov 1997 23:32:27 -0000
>Resent-Cc: recipient list not shown: ;
>X-Envelope-Sender: cw005e@uhura.cc.rochester.edu
>Received: (qmail 23323 invoked from network); 16 Nov 1997 23:32:24 
-0000
>Received: from uhura.cc.rochester.edu 
(root@uhura.cc.rochester.edu@128.151.224.17)
>  by 205.229.104.5 with SMTP; 16 Nov 1997 23:32:24 -0000
>Received: from gatekeeper (LiNuXMan@gatekeeper.cif.rochester.edu 
[128.151.220.153])
>	by uhura.cc.rochester.edu (8.8.5/8.8.5) with SMTP id SAA19870
>	for <debian-user@lists.debian.org>; Sun, 16 Nov 1997 18:36:01 -0500 
(EST)
>Message-Id: <3.0.3.32.19971116183615.00917220@uhura.cc.rochester.edu>
>X-Sender: cw005e@uhura.cc.rochester.edu
>X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32)
>Date: Sun, 16 Nov 1997 18:36:15 -0500
>To: debian-user@lists.debian.org
>From: Chi Wong <cw005e@uhura.cc.rochester.edu>
>Subject: Tracing Spoof IP's
>Mime-Version: 1.0
>Content-Type: text/plain; charset="us-ascii"
>Resent-Message-ID: <"xKMkwC.A.usF.LK4b0"@debian>
>Resent-From: debian-user@lists.debian.org
>X-Mailing-List: <debian-user@lists.debian.org> archive/latest/18536
>X-Loop: debian-user@lists.debian.org
>Precedence: list
>Resent-Sender: debian-user-request@lists.debian.org
>
>Is there a way to detect / trace where the spoof ip addresses are 
coming
>from? Or is it an impoosible task?
Best way I have found, is to use tcpdump, install, then cd /usr/sbin
and ./tcpdump. Not full-proof, But I can get the real addy of a
Spoofed hit, 90% of the time....Regards...Rik...aka..Debian1
>TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
>debian-user-request@lists.debian.org . 
>Trouble?  e-mail to templin@bucknell.edu .
>
>

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Prev by Date: Re: Tear-Drop (ip_fragment bug) anyone apply the patch?
Next by Date: Re: Tear-Drop (ip_fragment bug) anyone apply the patch?
Previous by thread: Tracing Spoof IP's
Next by thread: ppp error question
Index(es):
- Date
- Thread