As Bruce Perens wrote: > Message-Id: <[EMAIL PROTECTED]> > Date: Fri, 13 Sep 96 14:05 PDT > From: [EMAIL PROTECTED] (Bruce Perens) > To: [EMAIL PROTECTED] (Christoph Lameter), "David L. Craig" <[EMAIL > PROTECTED]> > Subject: Re: Worldnet.att.net via Linux PPP Connection > Cc: debian-user@lists.debian.org > Reply-To: Bruce Perens <[EMAIL PROTECTED]>
> I'd like to hear a good explanation of what the security problem is, > and why anyone would want to use source routes. The only legitimate use of source routing of which I am aware is for testing explicit network routes, determining their RTTs, etc. Illegitimate uses are attacks employing address spoofing, sequence number guessing, ICMP Redirects, and undoubtedly many other methods, with results running from denial of service to complete compromise of a host. I am not enough of a security maven to provide a better explanation, though I'm trying to become more knowledgable. "Firewalls and Internet Security" by Cheswick and Bellovin makes for sobering reading, but leaves much as an exercise to the reader. Perhaps the more knowledgable, like Alan Cox, could provide a satisfactory explanation. Again, my point is: shouldn't there be a mention of the basics (be sure IP forwarding and source routing are not enabled) with an end user level of explanation of why not, a pointer to more info, and an encouragement to be sure the local network admin is aware of the link?
