|
Intrusion Detection Systems
mailing list archives
Re: Determining when something is NOT random
From: Robert Graham <robert_david_graham () yahoo com>
Date: Mon, 24 Jul 2000 18:52:19 -0700 (PDT)
Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owner () uow edu au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au
-----------------------------------------------------------------------------
--- Lance Spitzner <lance () spitzner net> wrote:
Are there any tools/techniques to determining when something
is NOT random.
http://www.robertgraham.com/pubs/hacking-dict.html#random
Any tool that can take a list of IP addresses and determine
if they are random or not?
You have a BIG dependecy upon the ISPs between you and the "hacker" because of
ingress/egress filtering. In my experience, this type of filtering has
dramatically increased in the last 6 months (small wonder). This filters out a
lot of the randomness determination. Other than that, you could simply look at
which IP addresses are invalid.
=====
Robert Graham
Personal: http://www.robertgraham.com Work: CTO Network ICE
__________________________________________________
Do You Yahoo!?
Get Yahoo! Mail Free email you can access from anywhere!
http://mail.yahoo.com/
 By Date 
By Thread
Current thread:
| 
Intro
