I heard about (on the the HAK5 podcast) a trick new platform for aerial autonomy called the quadshot, from a group of developers out of Santa Cruz, CA. It has four propellers and takes off vertically, but uses a mono wing design, so flying under a pitch-yaw-roll scenario is second nature. I even contributed to their fund raising cause over at kickstarter.com. If I had time I would get busy playing with one, but I need to devote myself to my new job, which means constant techno-lust
IP Spoofing is the act of modifying the source IP address of an IP packet. Each IP packet contains a header within which ther exists a source and destintion IP address. Spoofing is the act of changing the source IP address of an IP packet, without regard to the validity of that address. Source IP address validity is immaterial in a DoS attack, because the intent is to overwhelm the target site or server.
Some backround is essential–Based on the OSI reference model, the Internet Protocol (IP) is a layer 3 protocol and as such is connectionless, meaning there is neither transaction state information in the IP packet (aka datagram) header, nor a method to insure packet delivery to the proper destination. Digressing for a moment on packets versus datagrams, the term packet refers to a “reliable” service whereas datagrams refer to an “unreliable” service. IP datagrams are unreliable because they do not convey delivery failure information to the receiver, TCP packets on the other hand is a layer 4 protocol, and is connection-oriented and does convey delivery information to the receiver.
IP Spoofing: An Introduction, http://www.securityfocus.com/infocus/1674
Wikipedia on Packets versus Datagrams, http://en.wikipedia.org/wiki/Packet_(information_technology)
OWASP is an effort to “organize the world’s application security information.”� A lofty mission, but an effort worth following.
The group advocates vulnerability scanning, code review, penetration testing, and stati review of applications to identify software secuirty issues. OWASP has also created a purposefully insecure website called webgoat, for teaching and demonstration purposes.