hack

Cisco's IP Journal on IP spoofing
Over at the "Internet Protocol Journal" (issue 10.4) you can find a good read on the dangers of IP spoofing. This problem is very old and very widely known. Even when I was in networking (1997-2002) this was widely known and there was an easy cure. So I don't understand why Cisco decided to publish this now; a decade ago it would have been yesterday's news. Everyone who ever read the TCP/IP bible (TCP/IP Illustrated) knows this.

All you have to configure on a router is IP UNICAST REVERSE PATH, in combination with Cisco CEF. Then all packets that are routed are inspected. If the sender address (the From IP address) is in the routing table, it is checked whether the router, when routing a packet to that address, would send it out over the same interface the packet originated from. If so, the sender is valid and the packet is routed; if not, it is probably a forged packet and it is dropped. That simple: one command and there is no IP spoofing anymore. In 1998 Cisco released this feature I think, a decade ago!

All ISPs (at least in the Netherlands) have had this kind of ingress filtering activated on their routers for a decade; it is impossible to spoof and route a packet in the Netherlands, and most parts of the world for that matter. I remember though that Casema (which I used as a cable modem provider between 1996-2001) didn't have this feature for some time. You could route a packet towards 1.1.1.1 with the sender address 10.255.255.255. 1.1.1.1 would give an "ICMP unreachable message" from the border routers of Casema and it would be sent towards the complete internal network, all systems, of Casema, creating a kind of internal DoS.

But to publish this article one decade after a decade seems like rerunning old stories. 10 years on the net is a lifetime.

By bertboerland at 12/02/2008 - 11:38 | english | geeks/nerds | hack | internet culture | routing | TCP/IP
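The reverse-path check described in the post above, as an added Python sketch (not code from the post or from Cisco); the forwarding table, interface names and packets are constructed for illustration. It also covers a case the post does not mention: in this strict form, a multihomed customer whose traffic arrives on a link other than the router's best return path is dropped as well.

```python
import ipaddress

# Constructed forwarding table for a hypothetical ISP edge router:
# prefix -> interface the router would use to reach that prefix.
FIB = {
    "0.0.0.0/0": "uplink0",        # default route to the upstream
    "192.0.2.0/24": "cust1",       # customer 1
    "198.51.100.0/24": "cust2",    # customer 2
    "203.0.113.0/24": "cust3b",    # multihomed customer, best path via link b
}
# Interfaces on which the reverse-path check is enabled (customer-facing).
URPF_INTERFACES = {"cust1", "cust2", "cust3a", "cust3b"}


def reverse_path(src, fib=FIB):
    """Longest-prefix match on the SOURCE address: the interface the router
    would use to send a packet back to src, or None if there is no route."""
    addr = ipaddress.ip_address(src)
    best = None
    for prefix, iface in fib.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def urpf_strict(src, in_iface, fib=FIB, enabled=URPF_INTERFACES):
    """Return (forward, reason) for a packet with source src arriving on in_iface."""
    if in_iface not in enabled:
        return True, "no check on this interface"
    back = reverse_path(src, fib)
    if back is None:
        return False, "no route to source"
    if back != in_iface:
        return False, f"route to source points at {back}"
    return True, "reverse path matches"


if __name__ == "__main__":
    # Constructed packets: (source address, arrival interface).
    for src, iface in [("192.0.2.10", "cust1"), ("198.51.100.7", "cust1"),
                       ("10.255.255.255", "cust1"), ("203.0.113.5", "cust3a"),
                       ("172.16.0.9", "uplink0")]:
        ok, why = urpf_strict(src, iface)
        print(f"{src:15} on {iface:7} -> {'forward' if ok else 'drop':7} ({why})")
```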

Stupidity

Social Engineering: Because There Is No Patch To Human Stupidity

By bertboerland at 03/04/2007 - 10:52 | english | geeks/nerds | hack | internet culture | bertboerland's quotes

Skype protocol hacked? Skype functionality going mobile?

See the "proof" video on the skypejournal.

By bertboerland at 15/11/2006 - 04:31 | english | GSM | hack | hardware | internet culture | VOIP

If you want to keep your vote private, don't pick the CDA

If you do want to cast your vote, but want to be sure that nobody else sees it, then don't vote CDA! Okay, that is not quite the message of wijvertrouwenstemcomputersniet.nl (the message is that digital voting, as it is now going to take place in the Netherlands, is not auditable and not secure), but it is a nice side effect.

By bertboerland at 12/10/2006 - 15:31 | cda | Connectivity Technology | GNU | hack | hardware | intellectual property | kabinet | nederlands | politics netherlands

Wij Vertrouwen Stem Computers Niet (een vandaag)

wijvertrouwenstemcomputersniet.nl, a site where ex-hacker, ex-Hack-Tic, ex-XS4ALL, ex-ITSX Gonggrijp and friends make clear why innovation without transparency is a step backwards (older posting). And so today

By bertboerland at 04/10/2006 - 12:11 | hack | hardware | intellectual property | internet culture | journalism | nederlands | politics netherlands | tv