Re: Why most TCP/IP implementations are designed to allow such packets?
In article <1175607526.159882.159740@l77g2000hsb.googlegroups.com>,
lostlander <lostlander.tom@gmail.com> wrote:
>Why most TCP/IP implementations are designed to allow sending packets
>whose src IP or MAC address is not the sender's real address?! In my
>opinion, this causes many problems, especially leads to some virus.
1) How would you stop people from using alternate addresses when they
have administrative access to their systems?
2) Within touching distance of me at the moment, I have six systems
that are willing to act as routers doing IP address translation --
what's my "real" IP address? What -is- a "real ip address"?
On multihomed systems? On systems that are part of clusters
providing redundancy or fail-over?
3) The TCP/IP implementation on the system I'm using right now
was designed to be able to provide service to multiple IP addresses
per interface; in the days it was built, computers were expensive
and you couldn't afford to go out and buy another one from petty cash.
We're talking "hire a person for a year" kind of prices. Should the
TCP/IP implementers really have (-somehow-!) enforced the kinds of
restrictions you are thinking of, even though it would have cost
a lot of people a lot of money back then?
4) Remember, a computer is a general purpose information processing
device. Trying to prevent it from being used in certain ways is
like trying to block a stream from running downhill by blocking
it with your open fingers. If you want to get an idea of how
hard it is in real life, check out how far Microsoft got on its
Trusted Computing Initiative, such as using its Trusted Platform Module
(TPM).