----- Original Message ----- > From: "Jason Lixfeld" <[email protected]>
> I believe that most everyone has a CPE of some sort, whether their > service is resi or commercial. So, what about shifting the focus to > the CPE manufacturers? They bend to technology and/or market pressures > by bringing things like NAT, Firewalls, DLNA, UPnP, IPv6 (heh), PPPoE, > RFC1483, etc. to their respective products in to satisfy technology > limitations or security concerns or whatever. Why can't they help the > cause by implementing some sort of RFC'ified BCP38 thing? This thought crossed my mind earlier today, when I asked Jeff if IP-forged packets would make it through a NAT, outbound. He said no (I think), but I'm not entirely sure that's right. While that would be egress filtering, from the POV of the home-LAN, it would still help in the trojan-horse-bot situation, as long as it couldn't be opened up via something like PPTP, and would thus still be useful, to some extent, sure. Cheers, -- jra -- Jay R. Ashworth Baylink [email protected] Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274
