Access to the Internic Blocked
jhawk at bbnplanet.com
Thu Aug 22 05:52:45 UTC 1996
> >On itself, LSRR is a godsend to hackers (i can think of about
> >a dozen of very nasty attacks using general LSRR). The only
> >useful application for it is traceroute.
> >Why don't router vendors provide an option to turn it
> >off for everything but ICMP ECHO?
> Personally I find this an excellent suggestion.
So now I need to hack my traceroute to send ICMP_ECHO_REQUESTS instead
of high-port udp packets?
Oh well, I guess we can put this right next to the patches to have
traceroute send TCP SYNs to get through stupid firewalls.
More information about the NANOG