Ethereal

[Ethereal-users] RE: Spoofed packets...
Google
 
Web Ethereal.com

Home | Introduction | Documentation | Lists | FAQ | Development | Wiki | Bugs

Main Index | Thread Index | Mailing Lists | | Date Prev | Date Next | Thread Prev | Thread Next

Ethereal-users: September 2001

 

Actually, there is no practical way to trace those packets. A spoofed attack
generally doesn’t care about return packets; it’s primarily a blind attack.
It’s usually a denial-of-service (DOS) attack intended to bring down a site.
The attacker isn’t looking for “legal (that is, the normal packet-then-ack
traffic)” traffic. They’re simply interested in killing a resource/site.

Theoretically, if the attack was continuing, one could talk to each carrier,
who might be able to tell where it’s coming from, but that’s certainly not
feasible in real life.

Richard Berry
LAN Engineer-Principal
"Si hoc legere scis numium eruditionis habes."

Powered by MHonArc 2.6.10

Please send support questions about Ethereal to the ethereal-users[AT]ethereal.com mailing list.
For corrections/additions/suggestions for this web page (and not Ethereal support questions), please send email to ethereal-web[AT]ethereal.com.
Last modified: Fri, November 10 2006.
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.