Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 04:17:53 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1063501883&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fdistributed%2FUW-CSE-00-02-01.tgz%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1063501883.1338178673.1338178673.1338178673.1%3B%2B__utmz%3D32867617.1338178673.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/10551/UW-CSE-00-02-01.tgz http://packetstormsecurity.org/files/10551/UW-CSE-00-02-01.tgz http://packetstormsecurity.org/files/10551/UW-CSE-00-02-01.tgz.html Fri, 11 Feb 2000 19:04:48 GMT This paper describes a technique for tracing anonymous attacks in the Internet back to their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or "spoofed", source addresses. In this paper we describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by an attacker without requiring interactive operational support from Internet Service Providers (ISPs). Moreover, this traceback can be performed "post-mortem" -- after an attack has completed. We present one implementation of this technology that is incrementally deployable, (mostly) backwards compatible and can be efficiently implemented using conventional technology. In pdf and postscript format.