On 22 Jan 2003, at 1:26am, [EMAIL PROTECTED] wrote:
Some, I haven't even told anyone about, so there's no way anyone can know
that I can (or expect to) receive email at them.
They have an MX record, which is all the spam robots need.
The source ip also varies ...
By how much? Are they
On Wed, Jan 22, 2003 at 09:05:19AM -0500, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
You can't really spoof the source IP address of a TCP connection. (Well,
you can, but the TCP handshake will never complete, making it rather
useless.)
Sure you can, if you can guess the initial
On Wed, 22 Jan 2003, at 9:15am, [EMAIL PROTECTED] wrote:
You can't really spoof the source IP address of a TCP connection.
(Well, you can, but the TCP handshake will never complete, making it
rather useless.)
Sure you can, if you can guess the initial sequence number for the TCP
[EMAIL PROTECTED] writes:
You can't really spoof the source IP address of a TCP connection. (Well,
you can, but the TCP handshake will never complete, making it rather
useless.)
Well, I wouldn't call this useless, since you can accomplish certain
(nefarious) tasks this way.
--kevin
--
If this happens much longer, I'm going to have to get out the baseball bat.
Prediction: before January 2005 somebody will lose their
life as a direct consequence of their involvement with SPAM.
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
Bob Bell [EMAIL PROTECTED] writes:
(somebody else probably has the URL more readily available than I).
http://razor.bindview.com/publish/papers/tcpseq.html
http://lcamtuf.coredump.cx/newtcp/
Regards,
--kevin
--
Kevin D. Clark / Cetacean Networks / Portsmouth, N.H. (USA)
On Wed, 22 Jan 2003, at 10:12am, [EMAIL PROTECTED] wrote:
They have an MX record, which is all the spam robots need.
Pardon my butting in, but what is an MX record?
MX = Mail Exchanger. An MX record is a record in the DNS that designates
the mail exchanger for a given domain name. Other
On Wed, 2003-01-22 at 10:12, Erik Price wrote:
[EMAIL PROTECTED] wrote:
On 22 Jan 2003, at 1:26am, [EMAIL PROTECTED] wrote:
Some, I haven't even told anyone about, so there's no way anyone can know
that I can (or expect to) receive email at them.
They have an MX record, which
On Wed, 22 Jan 2003, at 10:26am, [EMAIL PROTECTED] wrote:
However it is still possible to spoof the source, IF the attacker has
control of some machine (i.e. a router) which lives in the path ...
Well, this has turned into a semantic distinction. I generally consider
spoofing to be a passive
Derek Martin [EMAIL PROTECTED] writes:
However it is still possible to spoof the source, IF the attacker has
control of some machine (i.e. a router) which lives in the path the
target host would use to send packets to the host which actually has
the IP being used for spoofing (man, I hope
On Wed, Jan 22, 2003 at 09:05:19AM -0500, [EMAIL PROTECTED] wrote:
The source ip also varies ...
By how much? Are they all within the same netblock?
Nope. Quite a bit of variation. All the way from 12.x.x.x to 218.x.x.x.
So far, 107 attempts from 59 unique address.
... I'm not
So I have a bunch of domains, many of which I don't currently use.
Some, I haven't even told anyone about, so there's no way anyone can
know that I can (or expect to) receive email at them. Early Tuesday, I
did my occasional check of my sendmail logs and found something I had
missed.
Since
12 matches
Mail list logo