--On Friday, August 15, 2008 5:51 PM -0400 Bruce Bodger
<[EMAIL PROTECTED]> wrote:
fail2ban will not work for this as the incoming ip addresses are
spoofed. fail2ban would end up blocking legitimate servers.
How do you spoof a source address on a TCP connection? I was unaware that
was possible. How would replies know how to get back to the spoofing host?
At best, you can spoof another host on your own routed segment. Unless you
have control of the routing tables on the connecting routers, of course.
