Can originating IP addresses be faked?
J. L.
jl.ffm at gmx.net
Tue Jul 24 17:30:10 UTC 2018
On 24.07.2018 14:33, David Fletcher wrote:
> Although I know a little bit about networking I'm not an expert and
> certainly know nothing about hacking other peoples' computers. Some
> people have told me that IP addresses can somehow be faked like the
> jerks who make nuisance phone calls faking their number to make it
> appear to be a friend, the bank, etc., calling.
>
> Can I for example be confident that these relay attempts:-
> Jul 24 11:31:57 ServerIII postfix/smtpd[22736]: NOQUEUE: reject: RCPT
> from hwsrv-294731.hostwindsdns.com[142.11.195.132]: 454 4.7.1
> <1029mandaditos at gmail.com>: Relay access denied;
> from=<killer at virginm.net> to=<1029mandaditos at gmail.com> proto=ESMTP
> helo=<hwsrv-294731.hostwindsdns.com>
> Jul 24 11:31:58 ServerIII postfix/smtpd[22738]: NOQUEUE: reject: RCPT
> from hwsrv-294731.hostwindsdns.com[142.11.195.132]: 454 4.7.1
> <1029mandaditos at gmail.com>: Relay access denied; from=<love at virginm.net>
> to=<1029mandaditos at gmail.com> proto=ESMTP
> helo=<hwsrv-294731.hostwindsdns.com>
> Jul 24 11:31:59 ServerIII postfix/smtpd[22736]: NOQUEUE: reject: RCPT
> from hwsrv-294731.hostwindsdns.com[142.11.195.132]: 454 4.7.1
> <1029mandaditos at gmail.com>: Relay access denied;
> from=<sunshine at virginm.net> to=<1029mandaditos at gmail.com> proto=ESMTP
> helo=<hwsrv-294731.hostwindsdns.com>
>
> which are a small sample from around 300 really did originate from
> Hostwinds, Washington, USA?
>
> Thanks for your advice, all.
>
> Dave
>
>
To give You at least some hint where to start for digging deeper:
https://en.wikipedia.org/wiki/IP_address_spoofing
Much much more can easily be found by using "ip spoofing" in the search
engine of Your liking.
To really answer Your question: YES, ip-addresses can definitely be
spoofed. Or "faked" to use Your own words ...
Hops that helps a little!
Cheers!
J. L.
More information about the ubuntu-users
mailing list