Ethereal

RE: [Ethereal-users] Spoofed packets...
Google
 
Web Ethereal.com

Home | Introduction | Documentation | Lists | FAQ | Development | Wiki | Bugs

Main Index | Thread Index | Mailing Lists | | Date Prev | Date Next | Thread Prev | Thread Next

Ethereal-users: September 2001

 

> ...if someone is scanning a machine using spoofing
> you get the wrong address(of course that's the point) so you 
> can't use it as a reliable ip for traceroute.  But the 
> originating ip must be listed somewhere in the syn packet 

It is quite easy to put a packet out with the wrong 
IP information.  With a bit more access to the Ethernet
driver, it is quite easy to put an arbitrary hardware
source address.  Putting this into a forceful DOS attack
is described in a number of places.

Packets are no harder to forge than business cards.  

- jeff parker
- axiowave networks

Powered by MHonArc 2.6.10

Please send support questions about Ethereal to the ethereal-users[AT]ethereal.com mailing list.
For corrections/additions/suggestions for this web page (and not Ethereal support questions), please send email to ethereal-web[AT]ethereal.com.
Last modified: Fri, November 10 2006.
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.