On Sun, 31 Oct 2004 23:19:39 +0000 James Wilkinson <james@xxxxxxxxxxxxxxxxxxx> wrote > Joel wrote (about SSH attacks): > > The guys that are not smart enough to spoof the IP when they try to > > climb in are usually on DHCP, or at a netcafe, or at a school where they > > are more than half likely to get kicked out. > > I refer the honourable Joel to my previous response. > > In particular, you can't really spoof IP addresses on SSH sessions. The > server needs to be able to get packets back to the (possibly attacking) > client, which means the client's IP address must be routable. Okay, educate me. Why is a spoofed IP address known to be not routable? -- Joel <rees@xxxxxxxxxxx>
