Date: Wed, 12 Aug 1998 14:55:59 -0700 (PDT) From: "Jan B. Koum " <jkb@best.com> To: Marius Bendiksen <Marius.Bendiksen@scancall.no> Cc: Brett Glass <brett@lariat.org>, freebsd-security@FreeBSD.ORG Subject: Re: UDP port 31337 Message-ID: <Pine.BSF.3.96.980812145452.17894B-100000@shell6.ba.best.com> In-Reply-To: <3.0.5.32.19980812193700.0092f220@mail.scancall.no>
next in thread | previous in thread | raw e-mail | index | archive | help
AFAIK IP spoofing is "blind" - you can't be doing spoofing IP
during a portscan. Hence, if someone to portscan class B for udp port
31337, the ought to do it from the real IP. Now the fact that this IP
might belong to someone else (cracked account, etc) is another matter.
-- Yan
www.best.com/~jkb/ Unix users of the world unite:
www.{free,open,net}bsd.org | www.linux.org | www.apache.org | www.perl.com
"Turn up the lights, I don't want to go home in the dark."
On Wed, 12 Aug 1998, Marius Bendiksen wrote:
>>Oh. In other words, "the wrong person" would just happen to be running the
>>Back Orifice program and attempting to break into your system? Not bloody
>>likely.
>
>Ever heard of IP spoofing?
>
>In any case, as I said, it's principally wrong to escalate a conflict by
>retaliation. Besides which, it's illegal too.
>---
>Marius Bendiksen, IT-Trainee, ScanCall AS
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980812145452.17894B-100000>