Date: Tue, 16 Sep 2014 08:49:08 -0500 From: Mark Felder <feld@FreeBSD.org> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-14:19.tcp Message-ID: <1410875348.3660913.168112729.18E69A9D@webmail.messagingengine.com> In-Reply-To: <44y4tjwvlm.fsf@lowell-desk.lan> References: <201409161014.s8GAE77Z070671@freefall.freebsd.org> <54180EBF.2050104@pyro.eu.org> <1410870926.3637266.168084441.4C997218@webmail.messagingengine.com> <44y4tjwvlm.fsf@lowell-desk.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 16, 2014, at 08:20, Lowell Gilbert wrote: > > Spoofing traffic is pretty easy. The reason it isn't generally a problem > is that knowing what to spoof is more difficult. [I assume that's what > feld@ actually meant, but it's an important distinction.] > How many AS are out there don't implement BCP38? Spoofing these days without MITM should be considered hard, and TCP even harder, no? I'd find it more believable that it's easier to hijack BGP than to target someone and successfully spoof TCP. Maybe I'm just naive and haven't seen this behavior in the wild during my time working at an ISP :-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1410875348.3660913.168112729.18E69A9D>