IP Spoofing / SYN Flooding
hey, to all, is there a linux tool, that can capture a tcp connection (like tcpdump) and unfold the real ip from the attacking host, when the ip adress is forged (ip spoofing)?? Harald Scharf Softpoint electronic Netzwerksysteme / Firewalls Windows NT/Windows 2000/Linux/Netware/Unix mailto:h.scharf@softpoint.at www.softpoint.at www.simplex.at
When a IP packet is "spoofed" (i.e., its source address is changed) there's really no manner to know which was the true IP of the sender, that's not a trouble within LiNUX systems, that's how IPv4 protocol works. Have a good one. Harald Scharf wrote:
hey, to all,
is there a linux tool, that can capture a tcp connection (like tcpdump) and unfold the real ip from the attacking host, when the ip adress is forged (ip spoofing)??
Harald Scharf Softpoint electronic Netzwerksysteme / Firewalls Windows NT/Windows 2000/Linux/Netware/Unix mailto:h.scharf@softpoint.at www.softpoint.at www.simplex.at
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- Francisco M. Marzoa Alonso Nuevo Mundo - Dpto. Informático ICQ#: 62850923 Henri Dunant, 19 - 28036 Madrid tfno: +34 91 343 18 40 ext. 207 España / Spain fax: +34 91 350 28 45
participants (2)
-
Francisco M. Marzoa Alonso -
Harald Scharf