irado,

Source routing lets the sender tell your routers how to route the reply. An attacker can tell your system he is coming from a trusted source IP but to route the reply through a path the system would not normally take, effectively through someplace where he can intercept the reply even though his IP is not the claimed source IP. Makes masquerading attacks much easier. Always try to avoid it.
Adam

----- Original Message -----
From: "irado furioso com tudo" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "piranha piranha" <[EMAIL PROTECTED]>
Sent: Sunday, March 03, 2002 6:37 AM
Subject: Re: why block source_routing

piranha piranha wrote:

> irado,
>
> go find out what havoc you can play with source-routing then ask the
> same d&^%$ question.
>
> or better yet send me a traceroute of the router interfaces in your
> domain and i will show a really good demo of why not to allow this.
>
> piranha..

thank you very much for the 'generous' offer ;-) I am just curious - as said, every firewall recipe says: 'do not enable this..' but it is not clear on 'because this and that..' department.

--
regards,
irado furioso com tudo.
Linux User (SuSE) 179.402

what can one expect from a country that considers fat butts to be 'talent' and where intelligence is measured by the 'show do milhão'?

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
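The source routing discussed in this thread travels in the IPv4 header as the LSRR (type 131) or SSRR (type 137) option defined in RFC 791. The following is an added example, not part of the original thread: a Python check that a filter or log pipeline could use to flag such packets. The function names and the sample headers (built from documentation addresses) are constructed for illustration.

```python
import socket
import struct

# IPv4 source-routing option types (RFC 791)
LSRR, SSRR = 131, 137
NAMES = {LSRR: "LSRR", SSRR: "SSRR"}

def find_source_route(packet: bytes):
    """Return (option name, [listed hops]) if the IPv4 header carries a
    source-route option, else None. Raises ValueError if malformed."""
    if len(packet) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    version, header_len = packet[0] >> 4, (packet[0] & 0x0F) * 4
    if version != 4 or not 20 <= header_len <= len(packet):
        raise ValueError("bad version or header length")
    options, i = packet[20:header_len], 0
    while i < len(options):
        opt = options[i]
        if opt == 0:                      # End of Option List
            break
        if opt == 1:                      # No-Operation: single byte
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("truncated option")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError("bad option length")
        if opt in NAMES:
            data = options[i + 3:i + length]   # skip type, length, pointer
            hops = [socket.inet_ntoa(data[j:j + 4])
                    for j in range(0, len(data) - 3, 4)]
            return NAMES[opt], hops
        i += length
    return None

def build_header(options: bytes = b"") -> bytes:
    """Constructed sample IPv4 header (checksum left 0, documentation addresses)."""
    options += b"\x00" * (-len(options) % 4)   # pad to a 32-bit boundary
    ihl = 5 + len(options) // 4
    fixed = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, 20 + len(options),
                        0, 0, 64, 6, 0, socket.inet_aton("192.0.2.10"),
                        socket.inet_aton("198.51.100.1"))
    return fixed + options

# Constructed samples: an ordinary header, and one with NOP + LSRR via 203.0.113.7
PLAIN = build_header()
ROUTED = build_header(bytes([1, LSRR, 7, 4]) + socket.inet_aton("203.0.113.7"))
# Constructed malformed sample: SSRR option claiming more bytes than are present
BROKEN = build_header(bytes([SSRR, 40, 4, 0]))
```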
