Team Member: MOD
| restraining or not
||Příspěvek č. 19
I agree with oook, ISPs should have their own rules to filter out spam - I suggest some cleverly chosen restraints are better than big brother style. It's better to make it not affordable to abuse internet gateways than to thread users and check their activities.
This is more general - I have had a little debate over network self monitoring and curing - what if some users start sending away floods of packets, for example remotely to local broadcast addresses? There should be some mechanism (default firewall rule) to filter it out. Most A class subnets on the internet have it. Think of a saboteur sending broadcast IP packets with another one's broadcast address (faked source address). Destination net (upto 254 in our case) receive datagram with some other subnet's broadcast address. All 254 stations react to it and send a icmp packet out (for example destination port unreachable etc). This creates flood of packets from here to there and back - initiated by only one faked packet.
Simple linux firewall rule filters out local broadcast IP datagrams sent from outside local network, thereby disallowing this type of poisonous flooding.
We have the same problems internet has. Not only smtp.
Regarding that guy with prepaid card, police can of course listen to his conversations, find out whom he calls, track his movement without court order in this country. Telephone conversations are being recorded and accessible for our police mafia for as long as a month - it costs a lot to keep it longer than this.
Freenet should be about freedom, not recording people's conversations, tracking their movement, their family. I suggested that all AP's have ipsec or some other form of encryption for its local users (that do not have an ipsec tcpip stack). Compression could work with it very well, unloading up to 50% of traffic. But it takes resources - Pentium II would be necessary.
The best would be of course end to end encryption, which (I hope) will be dealt with.