[lamour at mail.argfrp.us.uu.net: Fwd: Re: If you have nothing to hide]

Todd MacDermid tmacd at synacklabs.net
Thu Aug 8 22:14:22 UTC 2002


In message <20020805225221.82473.qmail at sidehack.sat.gweep.net>, bdragon at gweep.net writes:
>
>I was not aware that responses to source-routed packets were themselves
>source-routed. I also don't believe it is the case, but am open to being
>contradicted. If the responses aren't source-routed, then the packets would
>only return through your network if your network was the path back to the
>spoofed source.

A friend of mine directed me to this thread. Source routed packets
can indeed be used to spoof IP connections, and I've written a tool
to do it. It's available at http://www.synacklabs.net/projects/lsrtunnel

If you simply want to check host behaviour to see if you can spoof
connections, I've written a scanner at
http://www.synacklabs.net/projects/lsrscan

Short story is Solaris < 8 will reverse source routes by default, and
Windows boxes will reverse source routes by default. The BSDs and
Linuces I've tested mostly block source routed packets by default.

Todd




More information about the NANOG mailing list