[p2p-hackers] Spoofing source address to tunnel through address-restricted/symmetric NAT
Enzo Michelangeli
em at em.no-ip.com
Mon Jun 20 14:39:35 UTC 2005
----- Original Message -----
From: "Antoine Pitrou" <solipsis at pitrou.net>
To: "Peer-to-peer development." <p2p-hackers at zgp.org>
Sent: Monday, June 20, 2005 9:32 PM
Subject: Re: [p2p-hackers] Spoofing source address to tunnel through address-restricted/symmetric NAT
> > With this in mind:
> >
> > 1) How do you spoof UDP source identities?
> >
> > 2) Have you heard of anyone using this for NAT piercing?
> >
> > 3) How good is "the internet" (by which I mean current deployed
> > hardware) at identifying and blocking spoofed UDP packets?
>
> If I were you, before asking technical questions, I would ask myself
> whether relying on source address spoofing is really desirable
> policy-wise and reputation-wise. Even if the application using the hack
> is not malicious per se.
>
> I mean, if there's a source address in UDP packets, it's not meant for
> people to forge/abuse it... ;)
And so what? There are cases when what is "meant" (by whom, anyway?) is
not necessarily what is "right"; and surely has no bearing on the
legitimacy of asking a question.
In this particular case, source address spoofing in the past has been used for
both good (censorship-busting: google for "Triangle Boy") and bad (DoS
attacks) purposes, so most providers have taken to filtering IP packets from
the edge with unexpected source IP addresses. This makes the whole issue
kind of moot...
Enzo