Scanning Attacks from apple.com are spoofed addresses

From: Lloyd Vancil (levat_private)
Date: Tue Jun 09 1998 - 16:46:09 PDT

Next message: Jared Proudfoot: "AMD K6 Bug"

Previous message: Joshua J. Drake: "more named software"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In the last few days several people have complained that scanning
activity has been observed from various well known apple.com addresses.
Recently www.apple.com (17.254.0.91) was accused.  In every case we have
determined that those attacks were not coming from the addresses
associated with the reports.  In the case of www.apple.com, the 91
address is a virtual address that cannot be used in this way.  If you
have evidence of such an attack's actual origination, or a method to
easily traces the actual origination point -I- would like to know of it.

Thank you

Lloyd Vancil


         lev@    _/_/_/_/  _/_/_/_/  _/_/_/_/  _/      _/_/_/
searchmaster@   _/    _/  _/    _/  _/    _/  _/      _/
               _/    _/  _/_/_/_/  _/_/_/_/  _/      _/_/_/    .com
              _/_/_/_/  _/        _/        _/      _/
             _/    _/  _/        _/        _/_/_/  _/_/_/

Next message: Jared Proudfoot: "AMD K6 Bug"
Previous message: Joshua J. Drake: "more named software"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:57:01 PDT