Re: How to get rid of spoofed IP-Address responses
From: NetWatch (netwatch@sagadc.de)Date: 05/25/02
- Previous message: NetWatch: "Re: How to get rid of spoofed IP-Address responses"
- Maybe in reply to: NetWatch: "How to get rid of spoofed IP-Address responses"
- Next in thread: Shane Manners: "RE: How to get rid of spoofed IP-Address responses"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 25 May 2002 00:44:03 +0200 From: "NetWatch" <netwatch@sagadc.de> To: "Linux_Focus" <focus-linux@securityfocus.com>
Well folks, it seems that I haven't read enough.
After analyzing the traffic I realized that as soon as the socket is
accepted (a server behind the port 80), I will send 4 times more data
out than I would if there is no server listening. This means I increase
the flood to these addresses 4 times than I would if it would just
simply RST the connection.
I have included the addresses in our CISCO and hope that they will go
away (after almost 4 weeks receiving these packages) and not getting
anoying messages every 51 seconds.
Thanks again,
Jochen Grotepass
SAGA D.C. GmbH
- Previous message: NetWatch: "Re: How to get rid of spoofed IP-Address responses"
- Maybe in reply to: NetWatch: "How to get rid of spoofed IP-Address responses"
- Next in thread: Shane Manners: "RE: How to get rid of spoofed IP-Address responses"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
