BCP38 making it work, solving problems

J. Oquendo sil at politrix.org
Mon Oct 11 02:32:58 UTC 2004

> I have received complaints from people about NOT being able to spoof
> packets.

Technical Support: "This is CompanyX, how can I help you?"
31337kiddi0t: "wHy c0m3 3ye c4nt sp0of?!$!*@"

With all of the different standards which tend to add confusion, too much
time seems to be going to waste drafting them while networks and
businesses suffer from what's currently in place. From my perspective
if someone mentioned this to me via complaints their account would be
cancelled immediately since there is no benefit to sending out spoofed

"But it's a pen test audit!" Even in situations where a security admin
needed to test certain elements an aware admin would find a way to get
around doing what they had to do.

Blocking elements such as SMTP do have its place and I'm sure most know
this is not the "definitive" solution nothing more than patch work but it
still has its advantages. The same way spammers can adapt, so should an
engineer be able to for those who would like to contest the notion that
one would be making "smarter idiots" who send spam and create malice.

I've been digging more into RFC's in hopes of learning more from a
technical perspective for my own sake and to date, all I've seen is more
of less patchwork. Instead of reinventing the wheel as the old saying
goes, sometimes a patch can get you moving on a flat tire. Sure it is a
temporary solution, but it is a solution.

J. Oquendo
GPG Key ID 0x51F9D78D
Fingerprint 2A48 BA18 1851 4C99

CA22 0619 DB63 F2F7 51F9 D78D

sil @ politrix . org    http://www.politrix.org
sil @ infiltrated . net http://www.infiltrated.net

"There is no greater mistake than the hasty conclusion that
opinions are worthless because they are badly argued." -- T.H. Huxley

More information about the NANOG mailing list