
Interesting People mailing list archives
Re: Ok guys and girls -- just who is telling the truth. WORTH READING
From: David Farber <dave () farber net>
Date: Tue, 27 May 2008 08:34:12 -0700
________________________________________
From: Joe Touch [touch () ISI EDU]
Sent: Tuesday, May 27, 2008 9:57 AM
To: David Farber
Subject: Re: [IP] Re: Ok guys and girls -- just who is telling the truth.

David Farber wrote:
Sorry for the misunderstanding of what Comcast said -- I heard STOP not stop someday real soon

djf

(they need better communications)
________________________________________
From: Brett Glass [brett () lariat net]
Sent: Saturday, May 24, 2008 8:19 AM
To: David Farber; ip
Subject: Re: [IP] Ok guys and girls -- just who is telling the truth.

Dave:

Comcast has not said that they have stopped using RST packets (the word "forged" is not appropriate, because they do not misrepresent their origins; a RST packet is an announcement BY THE NETWORK that a connection has been administratively severed or had an error).
Please review RFC1122. Source IP addresses are supposed to be used only by the endpoint to which they are assigned. Forging means that the packet didn't come from that endpoint. As Tony Lauck noted, TCP is a transport layer protocol. The only way this abuse by Comcast will stop is when we start using IPsec, or TCP-MD5 or somesuch to secure the identity of the origin of a packet.

There IS a standard mechanism for a network to sever a connection, e.g., ICMPs. The problem for Comcast is that using ICMPs reflects poorly on their network - it says that the host or network they're providing service to is unreachable. That's not what they want; those metrics are tracked and would reflect poorly on their service.

Instead, they SPOOF packets to addresses they have handed out to users (arguably within their right, but only if their customers know that's a condition of getting an address), or (beyond their right) addresses that are even beyond the edge of their own network.

...
In my opinion, this is yet another example of the company's mismanagement of its PR. They should not have allowed themselves to be cowed into doing this; rather, they should have stood their ground and defended their right to manage their network and halt abuse of their network by what amounts to an exploit. (Just my 2 cents.)
Comcast should be allowed to control and defend their network. When they do it via standard means, that should be defended by all of us. When they do it by deception, that should be exposed as the deception it is - by all of us.

Joe