Justin Clark-Casey wrote: > I must admit, I'm surprised that the spoofer can receive the packet at all if > it's being sent to the IP given (the > spoofed one). But I shall bow to those with superior raw sockets knowledge > than myself
The spoofer can't receive the packet sent from the server, and that's the main point. But it can send a reply packet anyways. It can send it blindly, trying to guess what the number might be. It could send 128 of them, each with a different number. > Actually, without (1) [a user server IP check by the region], isn't the > current situation still a problem for closed > grids? It's possible to make a region connection without any > interaction/login with the user server if one knows what > to do and has the right information. Yes. It's just that walled-gardens tend to be more private, so for example you may not know the IP address of the region as easily as in open systems; and it will be much harder to find the user's identifiers. Security through obscurity -- which is always a fragile situation, but at least it's a cloth that open systems don't have. Crista _______________________________________________ Opensim-dev mailing list Opensim-dev@lists.berlios.de https://lists.berlios.de/mailman/listinfo/opensim-dev
