Re: sleath port scanning fix (fwd)

David Woodhouse (D.W.Woodhouse@nortel.co.uk)
Tue, 09 Sep 1997 08:03:38 +0100

ak@muc.de said:
> Printing the source IP isn't a good idea neither, because it can be
> easily spoofed

But if they give the wrong IP address, then they'll never get the responses
they're looking for, and it won't be a very good method of scanning ports.
Surely it's better to have it there, saying "apparently from IP address
%d.%d.%d.%d" than not there at all?

-- 
David Woodhouse,	CB3 9AN		http://dwmw2.robinson.cam.ac.uk/
	dwmw2@cam.ac.uk 		 Tel: 0976 658355        
	D.W.Woodhouse@nortel.co.uk	 Tel: 01279 402332