On Sun, 31 Oct 2004 23:19:39 +0000
James Wilkinson <james(a)westexe.demon.co.uk> wrote
Joel wrote (about SSH attacks):
> The guys that are not smart enough to spoof the IP when they try to
> climb in are usually on DHCP, or at a netcafe, or at a school where they
> are more than half likely to get kicked out.
I refer the honourable Joel to my previous response.
In particular, you can't really spoof IP addresses on SSH sessions. The
server needs to be able to get packets back to the (possibly attacking)
client, which means the client's IP address must be routable.
Okay, educate me. Why is a spoofed IP address known to be not routable?
--
Joel <rees(a)ddcom.co.jp>