At 10:12 AM -0700 8/15/07, Joe Wagner imposed structure on a stream
of electrons, yielding:
On 8/15/2007, Bill Cole <[EMAIL PROTECTED]>
IP spoofing for SMTP or any other chatting protocol over TCP is
effectively impossible in the wild. The legend about IP spoofing
date to the early 90's and are grounded in very narrow facts.
I thought I recall hearing about a spammer who, with the cooperation
of his ISP would send out spam via high-capacity lines with spoofed
IPs pointing back to dial-up lines that the spammer was also
listening on, allowing him to close the communication loop -- and
effectively making it look like his spam came from dial-up accounts
that were sending a T-1's worth of upstream spam.
Now, I only heard of that report as a historical reference and
contemporaneous news report so was that in fact an e-urban legend?
That was a real strategy circa 2000 but there's no spoofing involved
there. The spammer was the legitimate(ish) holder of the IP's he was
using. It is also unclear that the ISP's involved were actively
cooperating. At the time (and I believe still to this day) most ISP's
never bother looking at the packets coming from their customers to
assure that they carry source IP addresses given to them by that
provider.
There are actually legitimate uses for that class of asymmetrical
routing. For example, it is useful in reducing satellite latency
problems to have a modest land line over which otherwise empty ACK
packets are sent, with a source IP that is routed from the world at
large over the high-bandwidth but high-latency satellite link.
--
Bill Cole
[EMAIL PROTECTED]
#############################################################
This message is sent to you because you are subscribed to
the mailing list <SIMS@mail.stalker.com>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
