> It could be possible. Consider a protocol that utilized public-key
> encryption. Every packet would have to be signed with the
> sender's private key. Of course, anonymity goes completely
> out the window, but faking return-addresses would be impossible.
> Faking return addresses seems to be fairly essential to TCP/IP
> flavored DOS attacks.
That's not the case. The recent distributed denial of service attacks didn't
require any spoofing at all. Malformed requests can be used to perform
denial of service attacks. IP spoofing is necessary for more complex
operations, such as man-in-the-middle attacks, but denial of service attacks
don't require anything other than the attacker have more bandwidth than the
target.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
