Bill Stewart wrote: | >From a legal perspective, it's tough to assert that the US user had scienter, | given that it pings scarcely reach the machine's consciousness, much less | the human users', since they're handled by ICMP rather than by a user-space | TCP or UDP | socket. (Obviously, if there's a sniffer around this is slightly different.) | | Is it possible to send out forged ping packets, pinging machine B with a From | address of C (fake) instead of A (real), so that Alice can talk to China via | Bob? | If so, it might be an interesting method for traversing some firewalls, | and also (if you write a ping-collector program) for back-channel | communications. It should be possible to fake a source address. Also, if you want to traverse a firewall from the inside, its usually pretty easy to do with mail, or over telnet. Stego in ping would show up in a firewalls logs more prominently than a lot of mail. | If you want to really abuse the protocols, 53 bytes probably fits into the | 64 you can send in a ping, so you could implement ATM-over-ICMP :-) Err, you can put up to 1500 bytes into an ICMP echo request, if its properly implemented. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume