Nate Leon writes:
I am not an IP expert, so I defer to those on this list who have such
expertise. It seems like folks on this list are not so concerned
about spammers/fraudsters spoofing IP addresses, and that brings me
some comfort. :) I believe the success of Sender-ID assumes spammers
cannot spoof IP Addresses.
I understand this is not easy to do. My concern is the degree of
difficulty/expense it takes to do so.
It requires injecting routes into the main BGP net. Every notable ISP
can do that, and can let some of its customers do that. Say 20,000
organizations in all have the ability to do that.
Most of the people who've engaged in such practices seem to be listed on
http://www.completewhois.com/hijacked/hijackers.htm - at least the
incidents I've heard about are listed there.
e.g. how difficult is it for the spammer to get the whole transaction
into a single packet so they can ignore return messages (blind
attack), forge the packet's source address, get it through firewalls
and routers that don't verify the source address, guess the sequence
number, etc...
Can't be done using any TCP common implementation.
Or will it just be easier for them to write viruses/worms which carry
spam-bots as their payload?!
Quite likely, IMHO.
Arnt