[VOIPSEC] Spoof of IP address within a (large) domain
Diana Cionoiu
diana-liste at voip.null.ro
Tue Apr 4 06:35:59 CDT 2006
Hello Brian,
Is possibile to spoof inside a DSL network the IP address but the
procedure is so complicated that doesn't work the trouble just to now
show the right address for 911.
Diana
Brian Rosen wrote:
>Now it's my turn to "ask the experts".
>
>
>
>I have someone proposing a solution to a large problem of "where are you?";
>that is, finding your own location.
>
>It's for 9-1-1, and we have one mechanism, DHCP, that we are pretty happy
>with; you can spoof within your subnet, but that's about it, and location
>doesn't vary much within the subnet.
>
>
>
>For various reasons, there are folks who don't like that idea and are
>pushing another. They want server in the domain to return your address when
>asked. They propose to use your IP address as the key to who "you" is.
>Just for the moment, ignore the issues of what the protocol is and what its
>security characteristics are. They say that within their network (think a
>big DSL network), you cannot spoof IP addresses.
>
>
>
>I was pretty taken aback by that. I thought it was pretty easy to spoof. I
>understand that they have the DSL modems pretty wired down (they won't let
>you spoof an address coming from the DSL modem; they know what IP address it
>should be), but I thought there were other was to spoof.
>
>
>
>So that's my question: is IP address good enough, or are they just
>delusional that they can prevent spoofing within the domain.
>
>
>
>Brian
>
>_______________________________________________
>Voipsec mailing list
>Voipsec at voipsa.org
>http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
>
More information about the Voipsec
mailing list