On Sep 21, 2006, at 2:09 PM, James Kempf wrote:
Hmm, well sounds as if there may be a technical problem after all.
First, an intrusion detection problem: does this stream of packets have
forged source addresses? Then, a traceback problem: if so where do these
packets originate from?
And the news in this statement is what, precisely?
The "news" is the part you left off:
Presuming these problems were solved, what would one do with the
information? Go to the offending ISP and ask: "Someone is forging source
addresses from your domain, can you please institute source filtering to
stop them?"
That's my point. Even if we had the technology to figure this out, the
social/political/regulatory/you name it nontechnical framework is lacking to
make the information useful for having any impact. Mr. ISP could simply
ignore the request, as is likely if they're in collaboration with the
offenders somehow.
And, as the rest of your post pointed out, solving the technical problem is
nontrival, and has been looked at before.
jak
_______________________________________________
Int-area mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/int-area
