IP Spoofing questions

From: David Schlecht (dschl_at_earthlink.net)
Date: 03/07/04

  • Next message: toto: "Re: remote scan Windows configuration"
    Date: 7 Mar 2004 07:59:57 -0800
    
    

    Hi All,

    Is IP Spoofing still a risk if our server has good TCP sequence number
    randomization?

    We get numerous CGI attacks that I'm interested in reporting but don't
    know how much I can rely on our server logs source IP field.

    The same question goes for spam headers. I know that downstream
    headers can be forged, but the last header added should be our
    server's. Can this last header get a spoofed IP if our mail server has
    good sequence number randomization?

    Any thoughts?

    -Dave


  • Next message: toto: "Re: remote scan Windows configuration"