In message <9408062108.AA18761@snark.imsi.com> perry@imsi.com writes:
Jim Dixon says:
You can send from a very large network and forge your TCP/IP or (more difficult) Ethernet source address. But I can sit on the same network, build a table relating TCP/IP to ethernet (or whatever) addresses, and filter out messages that should not be there. There are commerical packages that do this sort of thing.
Huh?
If you are sitting on a network in England, which you appear to be, I defy you to record anything at all about the ethernet addresses of the machines that originated this message. [etc]
Forgive my casual use of the English language. "A may send from a very large network and forge his or her TCP/IP or Ethernet source address. But if B is on the same network, he or she can build a table ..." The size of the source network is related to the difficulty of determining which machine is forging addresses. If you are ... sorry, one is on a large network, forgery without detection is much easier. Assuming idiocy on the part of correspondents may make for easy and fast responses, but it injects an undue amount of noise. -- Jim Dixon