nanog mailing list archives
Re: syn attack and source routing
From: Curtis Villamizar <curtis () ans net>
Date: Wed, 18 Sep 1996 03:17:27 -0400
In message <199609180636.XAA01860 () batcave genuity net>, "Brett D. Watson" write s:
i'm surprised there has been no discussion of turning off source routing on major backbones to help alleviate this problem. all of the focus seems to be on the edges of the networks when in fact the attackers are "running right up the middle". i'm not disagreeing that providers need to filter on the edges but the "big guys" are just as responsible as the "little guys". i know what a can of worms this is because source routing is quite useful in tracking down network and routing problems but it seems to me the danger it imposes today outweighs it's usefulness. -brett
If source routing is blocked at the end site it doesn't help any toturn it off in the backbones and turning it off destroys the ability to trace routing problems that customers report (short of finger pointing to another provider or giving the customer the run around by successive handoffs to other NOCs debugging, any "I can't get there from here" is sort of hopeless if you can't traceroute -g). Curtis - - - - - - - - - - - - - - - - -
Current thread:
- syn attack and source routing Brett D. Watson (Sep 17)
- Re: syn attack and source routing Curtis Villamizar (Sep 18)
- <Possible follow-ups>
- Re: syn attack and source routing Hank Nussbacher (Sep 18)
- BCP writers Michael Dillon (Sep 18)
- Re: syn attack and source routing Brett D. Watson (Sep 18)
- Re: syn attack and source routing John Hawkinson (Sep 18)
- Re: syn attack and source routing Brett D. Watson (Sep 18)
- Re: syn attack and source routing Vadim Antonov (Sep 18)
- Re: syn attack and source routing Paul A Vixie (Sep 18)
- Re: syn attack and source routing Alexis Rosen (Sep 27)
- Re: syn attack and source routing John Hawkinson (Sep 18)
- Re: syn attack and source routing Alec H. Peterson (Sep 19)
- Re: syn attack and source routing Paul A Vixie (Sep 18)
(Thread continues...)