nanog mailing list archives
Re: If you have nothing to hide
From: <bdragon () gweep net>
Date: Mon, 5 Aug 2002 18:52:21 -0400 (EDT)
"You know, there's quite a difference between source routing and IP spoofing .." As true as this statement is, the two walk hand in hand (especially during certain attacks). If I send an attack from a spoofed address to a victim, I can turn blue in the face waiting for a response that will never come. If I spoof an address and use loose source routing I can force the response to return right through my network.
I was not aware that responses to source-routed packets were themselves source-routed. I also don't believe it is the case, but am open to being contradicted. If the responses aren't source-routed, then the packets would only return through your network if your network was the path back to the spoofed source.
Also loose source routing can be used for Man-in-the-middle attacks by using a loose source route you can force all traffic to pass through the attackers network.
You could make the outbound traffic pass through a secondary target, but with software-processing of ip options, your goodput of dos payload may go way down. You are more likely to take down something closer to yourself and self-limit the attack.
Strict source routing does not benefit an attacker, but as I said loose source routing does.
Current thread:
- Re: If you have nothing to hide, (continued)
- Re: If you have nothing to hide Gerardo A. Gregory (Aug 05)
- Re: If you have nothing to hide Sean Donelan (Aug 06)
- Re: If you have nothing to hide Simon Waters (Aug 05)
- Re: If you have nothing to hide fingers (Aug 05)
- Re: If you have nothing to hide Henry Yen (Aug 05)
- Re: If you have nothing to hide bdragon (Aug 05)
- Re: If you have nothing to hide Eric Osborne (Aug 05)
- Re: If you have nothing to hide bdragon (Aug 05)
- Re: If you have nothing to hide Eric Osborne (Aug 05)
- Re: If you have nothing to hide Eric Osborne (Aug 05)
- Re: Re[2]: If you have nothing to hide Miquel van Smoorenburg (Aug 05)
- Re: If you have nothing to hide bdragon (Aug 05)
- Re[4]: If you have nothing to hide Richard Welty (Aug 05)
- Re: If you have nothing to hide Steven M. Bellovin (Aug 07)
- Re: If you have nothing to hide bdragon (Aug 08)
- Re: If you have nothing to hide gg (Aug 09)
- 59% of dweebs suffer from 'False Authority Syndrome (Re: If you have nothing to hide) Len Rose (Aug 09)
- Re: If you have nothing to hide bdragon (Aug 08)