TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
Hi!
I recently have a report from RS Network Sensor 5.0 of SYNFlood
attack. The source address/port was 0.0.0.0/0, but in information
field there was a string which looked like "SPOOFEDSR 1.2.3.4".
Does it mean that the SYN packets were generated from address 1.2.3.4? If so, how
does RS resolve attacker's address?
Thanks,
Dmitry Maslakov
----------------------------------------
RJSC "Unified Energy System of Russia"
tel: +7-095-929-1618
fax: +7-095-206-8203
mail: [EMAIL PROTECTED]
