Nick, At 16:53 17-09-1997 +0100, Nick Hilliard wrote:
The Internet needs unforgeable addresses, IP and "caller ID" equivalent.
This is a good point, but unfortunately, we're still stuck with ipv4, which is completely forgeable. If you've got even one rogue BGP site, they can inject anything the feel like into the internet routing tables and do all sorts of horrible things.
I'm almost surprised that spammers haven't cottoned on to this yet -- they could inject some temporary routes into the internet, use hosts on these address ranges to bounce their spam off a 3rd-party relay site and then withdraw the announcements. This would be almost totally untraceable and would circumvent routing black holes completely -- for those who are using routing black holes to try to control spamming.
To do this they would have to BGP peer with somebody that does NOT filter prefixes from a customer connection (and that is a Bad Thing (tm)). Unless the spammer is an NSP itself. Ok, there are ways around this but I wouldn't even think of them, much less discuss them on a list :-) kind regards, --- pedro ramalho carlos Pedro.Carlos@co.ip.pt IP SA tel: +351-1-3166724 Av. Duque de Avila, 23 fax: +351-1-3166701 1000 LISBOA - PORTUGAL PGP Key fingerprint = B7 45 B2 F9 F3 1F 67 19 1F 24 76 67 8D F6 2C B2