From: jdd@aiki.demon.co.uk (Jim Dixon)
To: perry@imsi.com
Message Hash: 20ebdcee4b5f3c81b7822b27122893d7130a96efe55b6ceb9ab29eb83db76568
Message ID: <4190@aiki.demon.co.uk>
Reply To: N/A
UTC Datetime: 1994-08-07 11:39:26 UTC
Raw Date: Sun, 7 Aug 94 04:39:26 PDT
From: jdd@aiki.demon.co.uk (Jim Dixon)
Date: Sun, 7 Aug 94 04:39:26 PDT
To: perry@imsi.com
Subject: Re: RemailerNet
Message-ID: <4190@aiki.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain
In message <9408062108.AA18761@snark.imsi.com> perry@imsi.com writes:
>
> Jim Dixon says:
> > You can send from a very large network and forge your TCP/IP or
> > (more difficult) Ethernet source address. But I can sit on the same
> > network, build a table relating TCP/IP to ethernet (or whatever)
> > addresses, and filter out messages that should not be there. There
> > are commerical packages that do this sort of thing.
>
> Huh?
>
> If you are sitting on a network in England, which you appear to be, I
> defy you to record anything at all about the ethernet addresses of the
> machines that originated this message. [etc]
Forgive my casual use of the English language. "A may send from a very
large network and forge his or her TCP/IP or Ethernet source address.
But if B is on the same network, he or she can build a table ..."
The size of the source network is related to the difficulty of
determining which machine is forging addresses. If you are ... sorry,
one is on a large network, forgery without detection is much easier.
Assuming idiocy on the part of correspondents may make for easy
and fast responses, but it injects an undue amount of noise.
--
Jim Dixon
Return to August 1994
Return to “jdd@aiki.demon.co.uk (Jim Dixon)”
1994-08-07 (Sun, 7 Aug 94 04:39:26 PDT) - Re: RemailerNet - jdd@aiki.demon.co.uk (Jim Dixon)