syn attack and source routing

• Previous message (by thread): BCP writers
• Next message (by thread): syn attack and source routing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> From:    Hank Nussbacher <hank at ibm.net.il>
> Subject: Re: syn attack and source routing 
> 
> Return-Path: <hank at ibm.net.il>
> X-Mailer: Chameleon ARM_55, TCP/IP for Windows, NetManage Inc.
> MIME-Version: 1.0
> Content-Type: TEXT/PLAIN; charset=US-ASCII
> 
> 
> On Wed, 18 Sep 1996 03:17:27 -0400  Curtis Villamizar wrote:
> >If source routing is blocked at the end site it doesn't help any
> >toturn it off in the backbones and turning it off destroys the ability
> >to trace routing problems that customers report (short of finger
> >pointing to another provider or giving the customer the run around by
> >successive handoffs to other NOCs debugging, any "I can't get there
> >from here" is sort of hopeless if you can't traceroute -g).
> 
> Since more and more are blocking source routing and breaking traceroute -g
> then those that block it at their router should at the very least make 
> a WWW traceroute available from their system so as to diagnose those
> problems you mention.  Almost all those that I have in my web site
> (http://www.ibm.net.il/traceroute) are customers connected to major ISPs.
> I think the 10 majors should have on their backbones a WWW traceroute
> as above.

  i should have been more specific.  i don't like the idea (at all) of
breaking traceroute -g either.  i guess in a more general sense i
should ask "just how dangerous *is* having backbone-wide/internet-wide
loose source routing enabled?".

-brett

• Previous message (by thread): BCP writers
• Next message (by thread): syn attack and source routing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]