> Hi
>
> Sorry if this question is too newbieish. I am looking for a way to trace a
> spoofed IP address ?
>
> Mar 3 01:43:49 localhost kernel: PUB_IN DROP 4 IN=ppp0 OUT= MAC=
> SRC=66.33.88.30 DST=196.34.156.130 LEN=60 TOS=0x00 PREC=0x40 TTL=47
> ID=27502 DF PROTO=TCP SPT=3611 DPT=113 WINDOW=32120 RES=0x00 SYN URGP=0
Hi
do you talk to the host 66.33.88.30 at all ?
this could be normall traffic it could just
be trying todo an ident lookup.
James
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
