[4604] in North American Network Operators' Group
Re: syn attack and source routing
daemon@ATHENA.MIT.EDU (Curtis Villamizar)
Wed Sep 18 21:15:49 1996
To: Vadim Antonov <avg@quake.net>
cc: bwatson@genuity.net, jhawk@bbnplanet.com, curtis@ans.net, nanog@merit.edu
Reply-To: curtis@ans.net
In-reply-to: Your message of "Wed, 18 Sep 1996 14:07:55 PDT."
<199609182107.OAA00889@quest.quake.net>
Date: Wed, 18 Sep 1996 21:09:09 -0400
From: Curtis Villamizar <curtis@ans.net>
In message <199609182107.OAA00889@quest.quake.net>, Vadim Antonov writes:
> John Hawkinson <jhawk@bbnplanet.com> wrote:
>
> > i should have been more specific. i don't like the idea (at all) of
> > breaking traceroute -g either. i guess in a more general sense i
> > should ask "just how dangerous *is* having backbone-wide/internet-wide
> > loose source routing enabled?".
>
> >As Curtis explained, "not very".
>
> Want to wait until SYN attacks are augmented with LSRR-enabled
> traffic randomization to the point of making it nearly impossible
> to trace?
At the borders hosts that don't want to be attacked just shut off LSRR
at the border router or at the host itself.
Problem solved. And we still have traceroute "as is".
Curtis
