[74668] in North American Network Operators' Group
Re: BCP38 making it work, solving problems
daemon@ATHENA.MIT.EDU (Edward B. Dreger)
Mon Oct 11 09:49:46 2004
Date: Mon, 11 Oct 2004 13:49:23 +0000 (GMT)
From: "Edward B. Dreger" <eddy+public+spam@noc.everquick.net>
To: nanog@merit.edu
In-Reply-To: <Pine.GSO.4.58.0410102101140.7756@clifden.donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu
SD> Date: Sun, 10 Oct 2004 21:35:33 -0400 (EDT)
SD> From: Sean Donelan
SD> People think BCP38 means the packets could only originate
SD> from you.
Were BCP38 universal, this would be true. If one receives a
packet, it's either from the supposed source or a network that
allows spoofing. If no networks allow spoofing, it came from the
supposed source.
SD> [P]eople don't complain to the source of spoofed packet.
SD> People complain to IANA about attacks coming from Net-10.
They complain to the perceived source. Many Internet users are
shocked at how trivial it is to forge email/packet sources; I
guess they're used to services like caller ID where the end user
isn't [traditionally] given the power to spoof.
Then there's postal mail. At least sending spoofed packets is
more costly than IP, and end-user packets frequently are tagged
with an ingress label.
Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_________________________________________________________________
DO NOT send mail to the following addresses:
davidc@brics.com -*- jfconmaapaq@intc.net -*- sam@everquick.net
Sending mail to spambait addresses is a great way to get blocked.
