[50595] in North American Network Operators' Group
Re: If you have nothing to hide
daemon@ATHENA.MIT.EDU (Gerardo A. Gregory)
Mon Aug 5 14:48:50 2002
From: "Gerardo A. Gregory" <ggregory@affinitas.net>
To: "Jeffrey Haas" <jhaas@nexthop.com>, <nanog@merit.edu>
Date: Mon, 5 Aug 2002 13:50:24 -0500
Errors-To: owner-nanog-outgoing@merit.edu
"You know, there's quite a difference between source routing and
IP spoofing .."
As true as this statement is, the two walk hand in hand (especially during
certain attacks).
If I send an attack from a spoofed address to a victim, I can turn blue in
the face waiting for a response that will never come.
If I spoof an address and use loose source routing I can force the response
to return right through my network.
Also loose source routing can be used for Man-in-the-middle attacks by using
a loose source route you can force all traffic to pass through the attackers
network.
Strict source routing does not benefit an attacker, but as I said loose
source routing does.
