Let me try again, since it seems I wasn't clear enough. There's been
a lot of delightful talk about whether/how to retrieve the calling phone
on a given port. But none about how to determine with confidence which
port the nasty packets come from. Without source address assurance,
any user on any port of any dialin box can source packets with any IP
address(es) desired. So you don't know which port to go get ANI/CLID
for.
What is also not explained is how to produce multi-megabit streams from
dialup. MP? Multiple independent calls? Ping to broadcast with faked
source address? Or was the attack not from dialup at all? In other
words, I don't know why this attack generated a debate about ANI/CLID.
Barney Wolff