[3803] in North American Network Operators' Group
Re: Access to the Internic Blocked
daemon@ATHENA.MIT.EDU (Vadim Antonov)
Thu Aug 22 01:13:00 1996
Date: Wed, 21 Aug 1996 21:49:03 -0700
From: Vadim Antonov <avg@quake.net>
To: gih@aarnet.edu.au, nanog@merit.edu
On itself, LSRR is a godsend to hackers (i can think of about
a dozen of very nasty attacks using general LSRR). The only
useful application for it is traceroute.
Why don't router vendors provide an option to turn it
off for everything but ICMP ECHO?
--vadim
From avg Wed Aug 21 21:44:50 1996
Date: Thu, 22 Aug 1996 09:17:26 +1000
From: Geoff Huston <gih@aarnet.edu.au>
To: nanog@merit.edu
Subject: Re: Access to the Internic Blocked
The number of transit providers who turn off lsrr is growing daily.
Quite frankly turning it off it simply makes everyones life harder.
The only justification I hear when I question this is a) "this is some
kind of proxy security mechanism for our clients" (really!) or b)
"whats loose source routing anyway?"
Geoff Huston
gih@telstra.net
>To: Michael Dillon <michael@memra.com>
>cc: nanog@merit.edu
>Subject: Re: Access to the Internic Blocked
>Date: Wed, 21 Aug 1996 13:41:50 -0400
>From: "Jeff Young" <young@mci.net>
>
>perhaps if folks would just take the time to loose source route
>in both directions instead of only one...
>
>was the web page in response to complaints to those who turn off lsrr?
>
>Jeff Young
>young@mci.net
