Date: Thu, 13 Aug 1998 09:42:52 -0700 (PDT) From: "Jan B. Koum " <jkb@best.com> To: Matthew Hunt <mph@pobox.com> Cc: Marius Bendiksen <Marius.Bendiksen@scancall.no>, Brett Glass <brett@lariat.org>, freebsd-security@FreeBSD.ORG Subject: Re: UDP port 31337 Message-ID: <Pine.BSF.3.96.980813094153.3896A-100000@shell6.ba.best.com> In-Reply-To: <19980812224614.B8987@astro.psu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Uhm.. duh.
Of course you can spoof port scan, but the point of the port scan
is to know what port are open. There are many other ways to get someone in
trouble.
Now this thread is officially dead. :)
-- Yan
www.best.com/~jkb/ Unix users of the world unite:
www.{free,open,net}bsd.org | www.linux.org | www.apache.org | www.perl.com
"Turn up the lights, I don't want to go home in the dark."
On Wed, 12 Aug 1998, Matthew Hunt wrote:
>On Wed, Aug 12, 1998 at 02:55:59PM -0700, Jan B. Koum wrote:
>
>> AFAIK IP spoofing is "blind" - you can't be doing spoofing IP
>> during a portscan. Hence, if someone to portscan class B for udp port
>> 31337, the ought to do it from the real IP. Now the fact that this IP
>> might belong to someone else (cracked account, etc) is another matter.
>
>At least one (quite effective) port scanner supports IP spoofing.
>True, the user doesn't get the results. The purpose is to get
>somebody else in trouble for port scanning.
>
>--
>Matthew Hunt <mph@pobox.com> * Inertia is a property of matter.
>http://www.pobox.com/~mph/pgp.key for PGP public key 0x67203349.
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980813094153.3896A-100000>