Re: Traces
From: Meritt James (meritt_james_at_bah.com)
Date: 01/05/04
- Previous message: Shawn Jackson: "RE: Traces"
- In reply to: Shawn Jackson: "RE: Traces"
- Next in thread: Fernando Gont: "RE: Traces"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 05 Jan 2004 14:38:35 -0500 To: Shawn Jackson <sjackson@horizonusa.com>
Since public proxies and automatic forwards and anonymizers, it would be
a safe bet that only ineptitude would have an "attack" be from where a
single traceback points.
Shawn Jackson wrote:
>
>
> The geographical location is something I mentioned just in case
> I wasn't covering the right bases and not something Fernando mentioned.
> I was almost positive he was talking about the source network and not
> the source 'location' but figured I'd throw that in there just-in-case,
> my apologizes.
>
> Personally I think this would only be, slightly, useful when
> automated and even then multiple sites off your network, backbone even,
> have to be under attack. Additionally it has to be from one system, or
> group of systems on the same netblock (CIDR or Subnet), which isn't too
> likely in this day-in-age.
-- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566 --------------------------------------------------------------------------- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
- Previous message: Shawn Jackson: "RE: Traces"
- In reply to: Shawn Jackson: "RE: Traces"
- Next in thread: Fernando Gont: "RE: Traces"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
