>> Because various NAT/PAT gateways put all the possible and impossible
>> modifications on certain, including DNS, packets that there is virtually
>> no directness expected.

> I am guessing this is a very common SoHo configuration though.

Has anyone stopped to ask how much effort/emphasis should really be
spent trying to protect end users?

People perpetrating attacks on the internet still pay attention to the
principles of economics, that is, getting the most benefit from the least
amount of work.

For what it's worth, I think the real focus here should be ISP
resolvers, not home users. Not to mention this should be a simpler
problem to solve for a number of reasons.

It seems to me that there is an excessive amount of attention being paid
to protect what is potentially 1 machine in most cases.


