[Dshield] Have spammers managed to forge the first received lines?

George Capehart capegeo at opengroup.org
Sun Feb 8 15:47:25 GMT 2004

On Sunday 08 February 2004 02:26 am, JD wrote:


> I wonder who or what agency manages these IP addresses and how they
> can stop it.

The IANA is the entity responsible for assigning net blocks.  See 
http://www.iana.org/ipaddress/ip-addresses.htm for the current 
assignments.  Note that the IANA hands out blocks directly to 
individual organizations as well as other authorities like ARIN, RIPE, 
APNIC, etc.  In order to chase down an address you may have to go to 
one of those to chase down the "end assignee."

> I can't quite understand how this can happen unless these main
> upstream routers are somehow hacked.   I've heard of exploits to
> Cisco routers and certain hacks on them.   Is this how it's done?   
> One would think these big pipe managers would know how to secure
> their systems.

If you're really interested, read the nanog archives.  There have been 
many discussions around this on that list . . . It's great information 
for several reasons.  These are the network operations guys who 
actually have to deal with the poop.


George Capehart

capegeo at opengroup dot org

PGP Key ID: 0x63F0F642 available on most public key servers

"It is always possible to agglutenate multiple separate problems into a
 single complex interdependent solution.  In most cases this is a bad
 idea."  -- RFC 1925

