[NTLUG:Discuss] How does 'ip address spoofing work'?
Jack Snodgrass
jack+ntlug at mylinuxguy.net
Sat Jul 5 16:49:46 CDT 2003
On Sat, 05 Jul 2003 16:26:11 -0500, asene wrote:
> I was thinking the same thing myself--
>
> ISS Warns Of Coordinated Hacker Attack On July 6
>
> Internet Security Systems Inc. is warning that an international
> hacking contest could cause headaches for companies worldwide and
> disrupt the Internet.
>
> http://computerworld.com/newsletter/0,4902,82730,00.html?nlid=PM
>
> Also, there seems to be a security problem with
> many versions of mysql. As far as I know there
> has never been a CERT advisory in that regard,
> but one of our customers gave me this URL:
>
> http://icat.nist.gov/icat.cfm?cvename=CAN-2002-1373
>
> Could be our hacker friends are testing the waters.
>
> Annette
thanks for the info. I don't think that it's the hacker weekend stuff.
These addresses have done this in the past. I've got scripts that run
to block these, but I don't have them run automatically... Now that I
know that they are coming from open proxy severs, I may go ahead and
run the scripts automatically.
As far as the mySQL stuff... the users don't know that we're using mySQL.
thy just enter the userid/password on the apache web login popup and we
use .htacccess to authenticate against mySQL. As far as the user knows,
it's just htpasswd stuff.
jack
More information about the Discuss
mailing list