[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ICMP spoofed source tunneling

To: Tim Newsham <newsham@xxxxxxxx>, bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: ICMP spoofed source tunneling
From: fenfire@xxxxxxxxxxx
Date: Wed, 22 Sep 2004 22:30:47 +0200

On Wed, Sep 22, 2004 at 10:06:40AM -1000, Tim Newsham wrote:
> How does this give anonymity?  When sending to the server, I must use the
> servers address as a source address.  When the server replies to me, it
> must use my address as a source address.

Yes - you cannot use this in both directions:

 - In the server->client direction, the server can spoof IP source 
   addresses.

 - In the client->server direction, you need to use multi-level "anonymous 
   proxying", as used by several current P2P implementations (Gnutella for
   queries, Freenet, GNUnet etc).

The advantage of this is that the available bandwidth can be fully utilized
in the server->client direction, but at the same time the server IP address
can remain unknown to the client. With current P2P systems, server->client
proxying significantly reduces the download bandwidth.

In practice, implementing this will be fairly complicated because you end
up re-implementing TCP over a highly asymmetric connection.

References:
- ICMP spoofed source tunneling
  - From: Max Tulyev
- Re: ICMP spoofed source tunneling
  - From: fenfire
- Re: ICMP spoofed source tunneling
  - From: Tim Newsham

Prev by Date: Re: ICMP spoofed source tunneling
Next by Date: Pinnacle ShowCenter Skin Denial of Service
Previous by thread: Re: ICMP spoofed source tunneling
Next by thread: Re: ICMP spoofed source tunneling
Index(es):
- Date
- Thread