On 01/06/14 01:19, Bill Stewart wrote:
> At 10:15 AM 5/31/2014, davidroman96 wrote:
>> We know that the sources ips generally are dropped, this is the only
>> problem that we have.
>> But if multiple hosts can use the same ip how the connection can be
>> traced? Only the ISP have the information, the receiver don't know
>> anything a part from the content of the packet.
>
> That's part of the problem -
> the receiver doesn't know anything, even the contents of the packet,
> because any good ISP will drop the packets instead of allowing the
> sender to send them.
> If you can find a collection of bad ISPs who can send forged-source
> packets to each other
> across the public Internet, maybe you have some chance,
> but that kind of bad ISP is also a target for spy agencies and for
> criminals.
>
>
> Normally, UDP is fine, but it isn't TCP.
> A popular thing for UDP applications to do is to reinvent TCP badly.
> If you need to do TCP things, and only have UDP for some reason,
> you can reinvent most of TCP well, but only if you understand it well.
> The UDP versions of Bittorrent, for instance, were written by people who
> not only understood TCP and UDP well, but experimented a lot with scale.
>
> A very good ISP will not only drop forged-source packets,
> they'll hunt down the sender and kill it.
> Somebody mentioned Netflow - many large ISPs record that level of
> information,
> with the source and destination IP addresses, port numbers, protocol,
> and router information,
> and sometimes also link-layer addresses if the link layer uses them.
> If you sent a packet from 192.9.200.1, your ISP will probably drop it
> at the originating router,
> and will log an error message that says it dropped that on your access
> line,
> and if it sees a lot of them, they'll go check out why.
> If you use a small ISP that doesn't bother checking for forged source
> addresses,
> they'll be using a larger ISP for long-haul connections that will notice.
>
>
We know that ISP have the 100% of information, but the idea was to give
less information to the receiver. Even yet I couldn't find any
transparent ISP, seems that all ISPs are trolls xD, maybe pirateISP are
more transparent¿?...