Packet Marking for Traceback of Illegal Content Distribution
Roy S. Rapoport
rsr at inorganic.org
Thu Apr 15 21:26:11 PDT 2004
On Thu, Apr 15, 2004 at 08:21:43PM -0700, richard childers / kg6hac wrote:
> To overcome such spoofed source addresses, the Penn State researchers
> propose a strategy in which every message or data packet is marked with
> an identifying number by a border router. Border routers are peripheral
> stations that a packet passes through on its way onto the Internet.
>
> Since every packet is forwarded onto the Internet and marked by only one
> trustworthy border router, spoofers would not be able to insert false
> marks on their packets to undermine trace back. The packets would always
> be traceable to a specific border router and could be stopped or
> investigated at that point."
Is it just me, or does this translate to "as long as every entry point to
the internet does the Correct Thing and uses our suggested system to mark
their outbound packets, we'll make sure that nobody forges TCP/IP," which
sort of neglects the fact that, today, every entity's border gateway is
ethically supposed to do this anyway -- certainly, my _home_ router is set
to start screaming if it sees packets outbound from a network other than my
own.
In other words, if everyone followed their complex solution, the problem
would be solved; but if everyone was willing to do something like this,
they'd be even more willing to use current capabilities to do something
much simpler that would *also* solve the problem. That people aren't doing
that suggests that they wouldn't be able to do something even more
complicated.
> The complete URL - for those whom do not shield their eyes when they see
> HTML - is below:
>
> http://www.psu.edu/ur/2004/traceback.html
That's HTML in the same way that
this
is HTML. Technically true, but meaningless.
-roy
More information about the Baylisa
mailing list