Re: Re: Can the SPF technique be used to stop IP address spoofi

On Tue, 2004-11-23 at 10:47 +0000, David Woodhouse wrote:
> On Tue, 2004-11-23 at 11:41 +0100, Stephane Bortzmeyer wrote:
> > The problem is you no longer see it, once you are on a different
> > LAN. The packets from *your* machine will have the MAC address of *my*
> > router. You will have to learn a bit about IP before trying to secure
> > it :-)
> That's just like forwarding -- it's _forgery_ when _your_ router sends
> packets with _my_ IP address. It's _my_ IP address, and it's my right to
> demand that you stop forging it. Your router needs to use NAT.
If I were laughing any harder right now I'd probably be pissing my
pants.  I didn't know you had it in you ;)  Simply priceless.

Cheers,

James

-- 
James Couzens,
Programmer
                                                     ( ( (      
      ((__))         __\|/__        __|-|__        '. ___ .'    
       (00)           (o o)          (0~0)        '  (> <) '    
---nn-(o__o)-nn---ooO--(_)--Ooo--ooO--(_)--Ooo---ooO--(_)--Ooo---
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x7A7C7DCF

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features 
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

signature.asc
Description: This is a digitally signed message part