| http://www.w3.org/ns/prov#value | - Ping, traceroute, nmap and other utilities can be started during or after an attack and the results compared against data extracted from the attack packets. [0305] As each attack is detected, the analyst will know from previous rules the source IP of the attack packet and will have an idea as to whether or not the source IP was spoofed.
|
