Open relays and open proxies

Curtis Maurand curtis at maurand.com
Mon Apr 28 04:12:14 UTC 2003


It was explained to me by one of the kind folks at isc.org that my assertions 
were incorrect and why.  I now stand corrected.  my humblest apologies for 
the use of the bandwidth.

Curtis

On Saturday 26 April 2003 16:34, bdragon at gweep.net wrote:
>  [CC list cleaned up]
>
> > I think the most basic thing that any xSP could do to prevent relays and
> > other basic address spoofing would be to disable source ip routing in
> > every router that's installed.  I would prevent a lot of abuse.
> >
> > Curt
>
> Can you support with data either:
> 1) IP source routing is used for "lots of abuse"
> 2) disabling IP source routing would prevent "lots of abuse"
>
> LSRR is a tool utilized to verify network topology and investigate
> such things as pointing default, etc. Several SP's require LSRR
> at minimum on border routers for this reason.




More information about the NANOG mailing list