[p2p-hackers] Spoofing source address to tunnel through
address-restricted/symmetric NAT
Antoine Pitrou
solipsis at pitrou.net
Mon Jun 20 13:32:08 UTC 2005
> With this in mind:
>
> 1) How do you spoof UDP source identities?
>
> 2) Have you heard of anyone using this for NAT piercing?
>
> 3) How good is "the internet" (by which I mean current deployed
> hardware) at identifying and blocking spoofed UDP packets?
If I were you, before asking technical questions, I would ask myself
whether relying on source address spoofing is really desireable
policy-wise and reputation-wise. Even if the application using the hack
is not malicious per se.
I mean, if there's a source address in UDP packets, it's not meant for
people to forge/abuse it... ;)
Regards
Antoine.
More information about the P2p-hackers
mailing list