Re: Traces

["Meritt James" <meritt_james () bah com>]

Since public proxies and automatic forwards and anonymizers, it would be
a safe bet that only ineptitude would have an "attack" be from where a
single traceback points.  

Shawn Jackson wrote:
>         The geographical location is something I mentioned just in case
> I wasn't covering the right bases and not something Fernando mentioned.
> I was almost positive he was talking about the source network and not
> the source 'location' but figured I'd throw that in there just-in-case,
> my apologizes.
>
>         Personally I think this would only be, slightly, useful when
> automated and even then multiple sites off your network, backbone even,
> have to be under attack. Additionally it has to be from one system, or
> group of systems on the same netblock (CIDR or Subnet), which isn't too
> likely in this day-in-age. 

-- 
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566

---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------