From: jdd@aiki.demon.co.uk (Jim Dixon)
Date: Sun, 7 Aug 94 04:39:26 PDT
To: perry@imsi.com
Subject: Re: RemailerNet
Message-ID: <4190@aiki.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


In message <9408062108.AA18761@snark.imsi.com> perry@imsi.com writes:
> 
> Jim Dixon says:
> > You can send from a very large network and forge your TCP/IP or
> > (more difficult) Ethernet source address.  But I can sit on the same
> > network, build a table relating TCP/IP to ethernet (or whatever)
> > addresses, and filter out messages that should not be there.  There
> > are commerical packages that do this sort of thing.
> 
> Huh?
> 
> If you are sitting on a network in England, which you appear to be, I
> defy you to record anything at all about the ethernet addresses of the
> machines that originated this message. [etc]

Forgive my casual use of the English language.	"A may send from a very
large network and forge his or her TCP/IP or Ethernet source address.
But if B is on the same network, he or she can build a table ..."

The size of the source network is related to the difficulty of
determining which machine is forging addresses.  If you are ... sorry,
one is on a large network, forgery without detection is much easier.

Assuming idiocy on the part of correspondents may make for easy
and fast responses, but it injects an undue amount of noise.
--
Jim Dixon