5 Aug
2003
5 Aug
'03
3:33 a.m.
On Tue, 5 Aug 2003, Christopher L. Morrow wrote:
Spoofed packets are harder to trace to the source than non-spoofed packets. Knowing where a malicious packet is very important to the
this is patently incorrect: www.secsup.org/Tracking/ has some information you might want to review. Tracking spoofed attacks is infact EASIER than non-spoofed attacks, especially if your network has a large 'edge'.
Errr... you don't need to _track_ non-spoofed attacks - you _know_ where the source is. Instead of going box to box back to the source (most likely across several providers) you can immediately go to _their_ provider. --vadim