As Christoph Lameter wrote: > To: [EMAIL PROTECTED] > From: [EMAIL PROTECTED] (Christoph Lameter) > Subject: Re: Worldnet.att.net via Linux PPP Connection > Date: 10 Sep 1996 18:12:22 -0700 > Organization: Fuller Theological Seminary, Pasadena, CA 91182 > Message-Id: <[EMAIL PROTECTED]> > Resent-From: debian-user@lists.debian.org > > David L. Craig ([EMAIL PROTECTED]) wrote: > : I was very unhappy to see this nice explanation ignore the > : perils of IP routing between the ISP and internal networks. > : Does anyone suppose its original source could be located so > : at least a paragraph could be inserted warning of the danger > : and recommending the user hook up with his network > : administrator to ensure he doesn't inadvertantly create a > : backdoor into his organization? > > I am not aware that this could happen. There is no IP > routing going on at all. Most ISPs (like us) block all > routing information sent from the PPP link.
I guess I wasn't clear. I wasn't refering to routing protocols as much as the ability of packets to be source-routed through the system. My point was this type of document should include enough information, probably one paragraph including a pointer to detailed info, that alerts the reader to these security issues. It is not the job of the ISPs to educate their customers about risks of being an Internet host, and the network admin on the LAN side of this path may not be aware the node is running a SLIP or PPP link to an ISP.
