Packet Marking for Traceback of Illegal Content Distribution
richard childers / kg6hac
fscked at pacbell.net
Thu Apr 15 20:21:43 PDT 2004
In the spirit of continuing education ...
"To defend against spam and viruses or to stop illegal file sharing, an
organization must be able to identify the originator of the offending
messages. However, spammers, pirates and hackers most often use
incorrect, disguised or false addresses on their messages or data
packets to deter trace back. Such spoofed addresses are illegal in the
U.S. but so far, effective.
To overcome such spoofed source addresses, the Penn State researchers
propose a strategy in which every message or data packet is marked with
an identifying number by a border router. Border routers are peripheral
stations that a packet passes through on its way onto the Internet.
Since every packet is forwarded onto the Internet and marked by only one
trustworthy border router, spoofers would not be able to insert false
marks on their packets to undermine trace back. The packets would always
be traceable to a specific border router and could be stopped or
investigated at that point."
Ah, but who guards the guardians? That is, the efficacy of this concept
relies upon the administrators of the routers being (a) competent and
(b) beyond bribery or other corruption ... in an economy choked with
under-educated, and under-paid, personnel.
The complete URL - for those whom do not shield their eyes when they see
HTML - is below:
http://www.psu.edu/ur/2004/traceback.html
Regards,
-- richard
--
Richard Childers / Senior Engineer
Daemonized Networking Services
945 Taraval Street, #105
San Francisco, CA 94116 USA
[011.]1.415.759.5571
http://www.daemonized.com
More information about the Baylisa
mailing list