Re: TCP end-to-end Semantics

From: Manish Karir ([email protected])
Date: Wed Jan 10 2001 - 13:08:06 EST


    Well, one application that I did come across in my work that doesn't work
    seamlessly with spoofing is spoofing for IPSEC secure flows.

    IPSEC flows don't really break spoofing... you just can't spoof them because
    the transport layer header is encrypted.

    This topic was brought up on the list earlier but never really resolved.
    Our own approach was to propose a layering mechanism to IPSEC to
    allow spoofing to happen. I believe there was a similar approach being
    proposed by HRL.
    If anybody is interested in learning more about this, you can check out:
    http://www.isr.umd.edu/TechReports/CSHCN/1999/CSHCN_MS_99-9/CSHCN_MS_99-9.phtml
    and the HRL proposal is at:
    http://206.17.46.2/people/ygz/ml-ipsec/

    manish

    On Wed, 10 Jan 2001, Anil Agarwal wrote:
    >
    > With the above background, and the material I wrote in my first response,
    > I don't think anyone has come up with a legitimate example where spoofing
    > causes an application to "break", when the application would work
    > correctly in the absence of spoofing. It is important when designing
    > such examples, to study carefully how the results would be different
    > in a non-spoofed scenario. Also keep in mind, that the good spoofer will
    > not spoof the FIN ack (or the last ack, as Jacob correctly points out).
    >



    This archive was generated by hypermail 2b29 : Wed Jan 10 2001 - 13:48:35 EST