spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Re: Can the SPF technique be used to stop IP addres

2004-11-23 06:11:24
from [terry] [Permanent Link] 
OK, enough beating him up, he is trying (albeit misguided).

His solution is valid iff the source and target are on the same subnet, which 
is quite feasible
(picture server co-location, many servers in a server room all sharing the same 
subnet).

But David, even then the solution is not workable, there is nothing that stops 
the "source" from
generating packets where the source MAC is the spoofed machine.  And yes the 
spoofer can see the
responses (that are aimed to the spoofed machine) you just need to turn the 
source machine (spammer)
NIC into permiscuos mode and sniff the packets.

Terry Fielder
Manager Software Development and Deployment
Great Gulf Homes / Ashton Woods Homes
terry(_at_)greatgulfhomes(_dot_)com
Fax: (416) 441-9085



-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of James 
Couzens
Sent: Tuesday, November 23, 2004 6:01 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Re: Can the SPF technique be used to stop IP
addres


On Tue, 2004-11-23 at 11:52 +0100, Stephane Bortzmeyer wrote:


That's just like forwarding -- it's _forgery_ when _your_ router
sends packets with _my_ IP address.


Sorry, David but, since it is not April 1st, I conclude

that you know

almost nothing to IP. You should talk only about SPF and SMTP, where
your posts (specially about the forwarding problem) are much more
interesting.


It's _my_ IP address, and it's my right to demand that you stop
forging it. Your router needs to use NAT.


Damn! My coffee is now spilled over my keyboard!


I don't think he knows anything about ice skating or the linux kernel
EITHER.

Cheers,

James

--
James Couzens,
Programmer




      ((__))         __\|/__        __|-|__        '. ___ .'
       (00)           (o o)          (0~0)        '  (> <) '
---nn-(o__o)-nn---ooO--(_)--Ooo--ooO--(_)--Ooo---ooO--(_)--Ooo---
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x7A7C7DCF

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in
Atlanta features SPF and Sender ID.
To unsubscribe, change your address, or temporarily
deactivate your subscription,
please go to

http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Can the SPF technique be used to stop IP address spoofing?, Stefan Engelbert
Next by Date:  RE: Can the SPF technique be used to stop IP address spoofing?, David Woodhouse
Previous by Thread:  Re: Re: Can the SPF technique be used to stop IP addres, David Woodhouse
Next by Thread:  RE: Re: Can the SPF technique be used to stop IP addres, terry
Indexes:  [Date] [Thread] [Top] [All Lists]