In message <[email protected]>, Fred Baker
wrote:
>
>
>At 05:51 PM 1/9/01 -0500, Mingyan Liu wrote:
>>it be left to the application/user to decide
>>whether they would rather use the spoofer and be exposed to higher failure
>>probability, or just play safe and bypass the spoofer (assume that the use
>>of a spoofer is not mandatory)?
>
>In general, I would agree with that. Now tell me this: do you know that the 
>spoofer is there? How do you evade it?
>
>The cases that come quickly to mind are transparent and non-transparent web 
>caches, Packeteer-style QoS control boxes which fiddle with TCP headers, 
>Arrowpoint-etc devices which front-end sets of web servers, and so on. I 
>can get around the non-transparent caches (SQuID etc) readily enough, but I 
>may not be able to get around the others, and may not even know they are there.
>
>In such cases, the statement above is a great sentiment, one I would 
>wholeheartedly support, but doesn't seem very practical.

I am curious how we got into this discussion. Does someone have any 
firsthand knowledge that spoofers have a higher failure rate than
other networking equipment? I don't think so - and hence the
premise for this discussion is moot.

The more relevant discussion, to which many authors have contributed
valuable insights, is whether spoofing violates end-to-end TCP semantics,
and at a more practical level, whether spoofing breaks applications
or increases the probability of such breakage, such as reporting
successful transfers when the transfer is in fact unsuccessful and
vice-versa.

Regards,
Anil
LMGT
This archive was generated by hypermail 2b29 : Wed Jan 10 2001 - 09:35:52 EST