ZOMG: IPv6 a plot to stymie FBI !!!11!ONE!

Arturo Servin arturo.servin at gmail.com
Sun Jun 17 18:36:23 UTC 2012


	You would go to the whois:

whois -h whois.lacnic.net 2800:af::/32

	You will find that it is assigned to ISP "Whatever". If you are the cops, you will find out who I am by asking them.

	BCP 38 would work. The problem is that many ISPs do not ingress filter, so I can use whatever unallocated IPv6 space (2F10:baba:ba30:e8cf:d06f:4881:973a:c68) to SPAM and then go invisible and use another one (2E10:baba:ba30:e8cf:d06f:4881:973a:c68).

Regards,
as


On 17 Jun 2012, at 13:24, Valdis.Kletnieks at vt.edu wrote:

> On Sun, 17 Jun 2012 13:10:59 -0400, Arturo Servin said:
>> 	Wouldn't BCP38 help?
> 
> The mail I'm replying to has as the first Received: line:
> 
> Received: from ?IPv6:2800:af:ba30:e8cf:d06f:4881:973a:c68?  ([2800:af:ba30:e8cf:d06f:4881:973a:c68]) by mx.google.com with ESMTPS id  b8sm25918444anm.4.2012.06.17.10.11.04 (version=TLSv1/SSLv3 cipher=OTHER);  Sun, 17 Jun 2012 10:11:06 -0700 (PDT)
> 
> Obviously BCP38 doesn't help, as it's an established TCP connection so it can't be
> spoofed traffic (gotta ACK  Google's ISN from the SYN-ACK)  - unless Google is silly
> enough to *still* not be doing RFC1948 properly.  I mean, Steve Bellovin wrote
> that literally last century. ;)
> 
> So - who owns 2800:af:ba30:e8cf:4881:973a:c68?  And how does an LEO
> find that info quickly if they need to figure out who to hand a warrant to?
> 
> *THAT* is the problem that needs solving.
> 
> (And who *does* own that IP?   I admit not knowing. ;)
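
The per-interface ingress filtering that BCP 38 describes, run over the addresses quoted in this thread. This is an added example, not part of the original messages; the /48 delegations and the interface names `cust-a` and `cust-b` are assumptions, and only 2800:af::/32 comes from the thread.

```python
import ipaddress

# Constructed edge table: customer-facing interface -> prefixes delegated to it.
# 2800:af::/32 is the ISP block named in the thread; the /48 delegations and
# the interface names are assumptions made for this example.
ASSIGNED = {
    "cust-a": ["2800:af:ba30::/48"],
    "cust-b": ["2800:af:1::/48", "2800:af:2::/48"],
}

def build_filters(assigned):
    """Parse the prefix strings once into ip_network objects."""
    return {ifname: [ipaddress.ip_network(p) for p in prefixes]
            for ifname, prefixes in assigned.items()}

def ingress_permit(filters, ifname, src):
    """BCP 38 check: accept a packet only if its source address lies inside
    a prefix delegated to the interface it arrived on."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparsable source: drop
    return any(addr in net for net in filters.get(ifname, ()))

def owner_of(filters, src):
    """Map a source address back to the customer interface it belongs to,
    or None if no delegation covers it."""
    addr = ipaddress.ip_address(src)
    for ifname, nets in filters.items():
        if any(addr in net for net in nets):
            return ifname
    return None

def audit(filters, packets):
    """Return the (interface, source) pairs the filter would drop."""
    return [(i, s) for i, s in packets if not ingress_permit(filters, i, s)]

# Constructed packets using the addresses quoted in the thread.
PACKETS = [
    ("cust-a", "2800:af:ba30:e8cf:d06f:4881:973a:c68"),    # inside delegation
    ("cust-a", "2F10:baba:ba30:e8cf:d06f:4881:973a:c68"),  # not delegated
    ("cust-a", "2E10:baba:ba30:e8cf:d06f:4881:973a:c68"),  # not delegated
    ("cust-b", "2800:af:ba30:e8cf:d06f:4881:973a:c68"),    # cust-a's address
]

if __name__ == "__main__":
    filters = build_filters(ASSIGNED)
    for ifname, src in audit(filters, PACKETS):
        print("drop", ifname, src)
```

With the filter applied at the customer edge, every source address that leaves the network resolves through `owner_of` to one delegation, which is the mapping the whois lookup then leads back to.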




