> My main concern with gleaning is that it seems to be completely > insecure. > > An attacker could send a packet to R3 which is identical to the > packet R3 gets from R1 in the above example, except that instead of > the outer header's source address being that of R1, it is of the > attacker's machine Bad1.
Exactly, but not just this security risk, the cache in ETR may also be overwhelmed by a lot of host-granularity mapping entries which is triggered by some attacker. Best wishes, Xiaohu XU -- to unsubscribe send a message to [EMAIL PROTECTED] with the word 'unsubscribe' in a single line as the message text body. archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg
