[VOIPSEC] Spoof of IP address within a (large) domain

Mark Teicher mht3 at earthlink.net
Wed Mar 23 18:32:37 GMT 2005 

With some of the VOIP Providers when one registers for services, some of the service providers request that you provide them with the MAC address of the ATA device one is using.  Based on some of the geographical location, one is assigned a tunnel within that particular section of the network for that particular region.

 
-----Original Message-----
From: Brian G <briang at net109.com>
Sent: Mar 23, 2005 8:51 AM
To: voipsec at voipsa.org
Subject: Re: [VOIPSEC] Spoof of IP address within a (large) domain

I suspect that the DSL provider is using PPPoE and they know the tunnel
termination point so they know the IP address at the subscriber end of
the tunnel.  You can spoof the source address of an IP packet but it
will still be encased in the "tunnel" packet.

Brian G.

On Thu, 2005-03-17 at 16:22, Brian Rosen wrote:
> Now it's my turn to "ask the experts".
> 
>  
> 
> I have someone proposing a solution to a large problem of "where are you?";
> that is, finding your own location.
> 
> It's for 9-1-1, and we have one mechanism, DHCP, that we are pretty happy
> with; you can spoof within your subnet, but that's about it, and location
> doesn't vary much within the subnet.
> 
>  
> 
> For various reasons, there are folks who don't like that idea and are
> pushing another.  They want server in the domain to return your address when
> asked.  They propose to use your IP address as the key to who "you" is.
> Just for the moment, ignore the issues of what the protocol is and what its
> security characteristics are.  They say that within their network (think a
> big DSL network), you cannot spoof IP addresses.
> 
>  
> 
> I was pretty taken aback by that.  I thought it was pretty easy to spoof.  I
> understand that they have the DSL modems pretty wired down (they won't let
> you spoof an address coming from the DSL modem; they know what IP address it
> should be), but I thought there were other was to spoof.
> 
>  
> 
> So that's my question: is IP address good enough, or are they just
> delusional that they can prevent spoofing within the domain.
> 
>  
> 
> Brian
> 
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org


_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list