[4547] in North American Network Operators' Group
syn attack and source routing
daemon@ATHENA.MIT.EDU (Brett D. Watson)
Wed Sep 18 02:49:35 1996
To: nanog@merit.edu
From: "Brett D. Watson" <bwatson@genuity.net>
Reply-To: bwatson@genuity.net
Date: Tue, 17 Sep 1996 23:36:52 -0700
i'm surprised there has been no discussion of turning off source
routing on major backbones to help alleviate this problem. all of
the focus seems to be on the edges of the networks when in fact the
attackers are "running right up the middle". i'm not disagreeing
that providers need to filter on the edges but the "big guys" are
just as responsible as the "little guys".
i know what a can of worms this is because source routing is quite
useful in tracking down network and routing problems but it seems to
me the danger it imposes today outweighs it's usefulness.
-brett
