On Fri, 13 Sep 1996, Bruce Perens wrote: > I'd like to hear a good explanation of what the security problem is, > and why anyone would want to use source routes.
The security problem? Basically, if you've got source routing enabled, I can send bad IP packets to your machine and they'll get there. By 'bad' I mean, say, packets with a wrong 'Source IP' field. This can be used to get packets from 'outside' through a firewall and make the packets look like they came from 'inside' to the destination machine, I believe. And of course, this is kinda 'helpful' to crack services (eg rsh, etc.) that put trust into specific IP numbers. I don't know it that was very clear, but at least it was some kind of an explanation. Please keep 'Drop source routed frames' enabled in the Debian kernels. Christian
