Firewall Wizards mailing list archives

RE: Firewall comparison in Data Communications


From: "Ray Hooker" <rayhook () ibm net>
Date: Wed, 2 Jun 1999 09:47:55 -0400

A source-routed packet is a packet which has the route information built
into it.  Normally you rely on the route tables in the routers to forward
the traffic from one segment to another.  One of the first ways to
"firewall" is to remove routes.  The idea is that the network would be
unreachable.  Actually the TCP/IP protocol provides for a means to prespecify
the path the packet will follow in the packet header using the
"source-routing" feature.  For that reason, simply removing routes alone is
not adequate security.

A good firewall should discard source-routed packets.

Ray
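
Added example, not part of the original post: a minimal check of the kind a filter applies to discard source-routed packets, by walking the IPv4 header options for Loose Source Route (type 131) or Strict Source Route (type 137) as defined in RFC 791. The function names, the fail-closed choice for malformed options, and the sample headers (constructed, documentation addresses, checksum left at zero) are assumptions of this example.

```python
import struct

LSRR, SSRR = 131, 137   # IPv4 option types: loose / strict source route (RFC 791)
EOOL, NOP = 0, 1        # single-byte options: end of option list, no-operation

def source_route_option(packet: bytes):
    """Return 'LSRR' or 'SSRR' if the IPv4 header carries that option, else None.
    Raises ValueError when the header or its option list is malformed."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    header_len = (packet[0] & 0x0F) * 4          # IHL is in 32-bit words
    if header_len < 20 or len(packet) < header_len:
        raise ValueError("bad or truncated header length")
    opts, i = packet[20:header_len], 0
    while i < len(opts):
        kind = opts[i]
        if kind == EOOL:
            break
        if kind == NOP:
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("option missing its length byte")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            raise ValueError("option length out of bounds")
        if kind in (LSRR, SSRR):
            return "LSRR" if kind == LSRR else "SSRR"
        i += length
    return None

def verdict(packet: bytes) -> str:
    """Filter decision: drop source-routed packets, and fail closed on malformed ones."""
    try:
        return "DROP" if source_route_option(packet) else "PASS"
    except ValueError:
        return "DROP"

def build_header(options: bytes = b"") -> bytes:
    """Constructed IPv4 header (no payload) carrying the given option bytes."""
    options += b"\x00" * (-len(options) % 4)     # pad options to a 32-bit boundary
    ihl = 5 + len(options) // 4
    return struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, 20 + len(options), 0, 0,
                       64, 6, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])) + options

HOP = bytes([203, 0, 113, 9])                    # constructed intermediate hop
PLAIN = build_header()
LOOSE = build_header(bytes([LSRR, 7, 4]) + HOP)
STRICT_AFTER_NOP = build_header(bytes([NOP, SSRR, 7, 4]) + HOP[:3] + b"\x09")
RECORD_ROUTE = build_header(bytes([7, 7, 4]) + b"\x00" * 4)   # type 7 is not source routing
OVERRUN = build_header(bytes([LSRR, 40, 4, 0]))               # length exceeds the header
```
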


