To assist a destination/intermediary node in authenticating a
communications packet as originating from a certain source node, the
source node hides a cryptographically generated first special value based
on the packet in a header portion of the communications packet. Upon
receipt of the communications packet, the destination/intermediary node
cyptographically generates a second special value also based on the
packet for comparison to the first special value extracted from hiding in
the header portion. If the first and second special values match, the
destination/intermediary node has authenticated the communications packet
as originating from the source node. The foregoing may be implemented in
a number of situations, but has special use in connection with the
detection of packet communications vulnerability assessment probe traffic
by an intrusion detection system.