[57912] in North American Network Operators' Group
Re: Open relays and open proxies
daemon@ATHENA.MIT.EDU (bdragon@gweep.net)
Sat Apr 26 16:36:37 2003
To: nanog@merit.edu
Date: Sat, 26 Apr 2003 16:34:07 -0400 (EDT)
In-Reply-To: <200304252007.18417.curtis@maurand.com> from "Curtis Maurand" at Apr 25, 2003 08:07:18 PM
From: <bdragon@gweep.net>
Errors-To: owner-nanog-outgoing@merit.edu
[CC list cleaned up]
> I think the most basic thing that any xSP could do to prevent relays and other
> basic address spoofing would be to disable source ip routing in every router
> that's installed. I would prevent a lot of abuse.
>
> Curt
Can you support with data either:
1) IP source routing is used for "lots of abuse"
2) disabling IP source routing would prevent "lots of abuse"
LSRR is a tool utilized to verify network topology and investigate
such things as pointing default, etc. Several SP's require LSRR
at minimum on border routers for this reason.
