If the world were to adopt IP authorization/authentication schemes like
SPF/CSV, without removing the economic incentive for spam, the spammers
would put pressure on the next weak point.
I understand that it is difficult to do, but what would it take for a
skilled hacker to steal the IP address of an otherwise well protected
SMTP server and sell that IP to the spammers?
I understand also that if this were possible, it would not be a reliable
ownership of that IP, as the internet routers would be confused as to
which of the two machines actually owns the IP address. But from a
spammer's point of view, an intermittent IP address is much better than
no IP address at all.
What are the technical and configuration obstacles that he would have to
overcome?
My connection is DSL PPPoE, and I believe it is not possible for a
hacker behind such a setup to steal any IP, because the PPP software at
the other end would not route any packets that don't come from my
assigned IP address.
But some connections are Ethernet over DSL. Can such a connection be
used to hijack an IP address? Would it be easy to hijack an IP assigned
to another customer of the same ISP? Would it be easy to hijack the IP
of another ISP? How about any arbitrary IP address?
Can a cable-modem customer hijack the IP of a neighbour?
I'm not interested in arguments why this is not likely to happen, but in
actual scenarios that make it possible. The internet is not configured
perfectly, there are security holes all over the place. What are the
more or less common mistakes that network administrators make to allow
IP address hijacking?
What about IP encapsulation? Are there IP decapsulators that require no
authentication? They would be open-proxies.
I think in establishing any reputation system, one would have to take
this variable into account. Ie, how easy can a reputation be spoiled as
a result of malicious intent? Oh, I know it's possible. But I don't know
how easy it is. What kind of skills and misconfiguration mistakes does
it take?
Thanks,
Radu.