On Thu, 2006-10-26 at 06:03 +0000, Fergie wrote:
Having said that, botnets don't need to spoof addresses -- the sheer dispersion of geographic and AS infection base renders the whole point of spoofing almost moot.
A lot of new possibilities arise if spoofing can be eliminated with near 100% certainty. Some examples: Automated filtering. Automated notification to providers. "Cut off host X or..." Expose compromised systems and hold their owners financially responsible for damages. Severe punishment of large number of users may cause outrage, basis for regress, class-action lawsuits, and maybe finally turn the attention to the real source of the problem; software vendors whose products are of such a dismal quality that they'd be banned worldwide from just about any market other than that for computer software. -- Per Heldal - http://heldal.eml.cc/