|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: BCP38 making it work, solving problems
SD> Date: Sun, 10 Oct 2004 21:35:33 -0400 (EDT) SD> From: Sean Donelan SD> People think BCP38 means the packets could only originate SD> from you. Were BCP38 universal, this would be true. If one receives a packet, it's either from the supposed source or a network that allows spoofing. If no networks allow spoofing, it came from the supposed source. SD> [P]eople don't complain to the source of spoofed packet. SD> People complain to IANA about attacks coming from Net-10. They complain to the perceived source. Many Internet users are shocked at how trivial it is to forge email/packet sources; I guess they're used to services like caller ID where the end user isn't [traditionally] given the power to spoof. Then there's postal mail. At least sending spoofed packets is more costly than IP, and end-user packets frequently are tagged with an ingress label. Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita _________________________________________________________________ DO NOT send mail to the following addresses: [email protected] -*- [email protected] -*- [email protected] Sending mail to spambait addresses is a great way to get blocked.
|