Network traceback is a pretty open problem in Information Security. The problem ends up being 'stepping stones', in which the person initiating the connection uses several intermediate hosts. In that type of scenario, it becomes extremely difficult to do traceback without the intermediary hosts collaborating. POISN (Passive Origin Identification Systems for Networks ) is something you may want to look at. -Blake Whatchu talkin' 'bout, Willis? > > > I have been looking around for a tool or utility that will enable me to > trace an unknown connection back to its source. > > I realize that this sounds kinda like a man in the middle deal where you > would jump on the connection that someone has made to your system, but I > am not sure of what I could use to do this. > > Any suggestions would be greatly appreciated. -- Blake Matheny "... one of the main causes of the fall of the bmathenyat_private Roman Empire was that, lacking zero, they had http://www.mkfifo.net no way to indicate successful termination of http://ovmj.org/GNUnet/ their C programs." --Robert Firth
This archive was generated by hypermail 2b30 : Wed Jun 18 2003 - 14:45:06 PDT