Author: michi1
To: Eugen Leitl
CC: netsukuku
Subject: Re: [Netsukuku] DOS/MITM by TP spoofing??

On 13:14 Wed 26 Oct     , Eugen Leitl wrote:

> On Wed, Oct 26, 2011 at 12:59:02PM +0200, michi1@??? wrote:
> > I disagree. IPv4 NAT already does anonymisation on layer 3. Sure, it is not
> NAT provides no anonymization whatsoever, if compared to Tor or I2P.

If compared to Tor or I2P - not really. If compared to IPv4 without NAT: Yes,
it does. You tell me how to find who did something, if the source IP points to
a network with 1000 PCs in it.

> If you want efficient (cut-through at relativistic speed) and no global
> routing tables you must follow geography. There is no other way.

Correction: your routing tables must be "small". You can do this with the
usual network/prefix addressing or you can present each network as one host
and do NAT.

> > onion encryption or geographically distributed. But overlay mix networks have
> > their own problems, like performance, exit node liability/harassment or the
> Exactly, the same network provides both low-overhead high-performance
> services and high-overhead slower services for those cases where you
> need anonymity. There's no need for mandatory overhead for optional
> features.

Mix networks are slow, *because* they are overlay networks. Pinging between 2
routers takes 100ms instead of 1ms. This will not get any faster.

Also, anonymity is *not* an optional feature. It was accidentally present in
some way or another from the beginning (weak anonymity, not "Tor or I2P"). It
is an important part, far from "optional". Do you think an internet where
every source IP address can be linked to a real person in real time by
everyone would be the same as the internet now?

Also, first we would even need to get from "too slow for most uses" to
"optional". Any suggestions?

> Exit node is meaningless if your every node is an exit.
> > entire network ending up blacklisted. I see no reason, why anonymisation
> We're not talking about the Internet as we know it, Jim.

What do you want to tell me?

> > should not start on layer 3. Especially not, if we build it from scratch
> > anyway.
> If you build it from scratch then geographic addressing and routing would be
> a layer 2 feature. Think of it loosely like the MAC equivalent in Ethernet.

You mean something close to the IPv6 catastrophe?