IP Spoofing questions
From: David Schlecht (dschl_at_earthlink.net)
Date: 7 Mar 2004 07:59:57 -0800
Is IP Spoofing still a risk if our server has good TCP sequence number
We get numerous CGI attacks that I'm interested in reporting but don't
know how much I can rely on our server logs source IP field.
The same question goes for spam headers. I know that downstream
headers can be forged, but the last header added should be our
server's. Can this last header get a spoofed IP if our mail server has
good sequence number randomization?