Re: syn attack and source routing

["Brett D. Watson" <bwatson () genuity net>]

  read my message again, john.  i said i don't like the prospect of
removing lsrr.  i use it.  i hate running across backbones that have
it disabled.

  i wasn't campaigning to remove it.  i was asking how dangerous it
could be because i honestly didn't know.  i didn't mean to alarm
anyone or imply that i would be turning off lsrr. :)

-brett

> From:    John Hawkinson <jhawk () bbnplanet com>
> Subject: Re: syn attack and source routing
>
> Return-Path: <jhawk () bbnplanet com>
> In-Reply-To: <199609181640.JAA01450 () batcave genuity net> from "Brett D. Watson"
>      *** at Sep 18, 96 09:40:02 am
> X-Mailer: ELM [version 2.4 PL23]
> MIME-Version: 1.0
> Content-Type: text/plain; charset=US-ASCII
> Content-Transfer-Encoding: 7bit
>
> >   i should have been more specific.  i don't like the idea (at all) of
> > breaking traceroute -g either.  i guess in a more general sense i
> > should ask "just how dangerous *is* having backbone-wide/internet-wide
> > loose source routing enabled?".
>
> As Curtis explained, "not very".
>
> Worst case, those folks feeling victimized can (and do!) simply shut
> it off.
>
> This is a very different case from that of SYN flooding, where the
> victims are powerless to stop it.
>
> Please don't take our LSRR away from us, it is very useful.
> Campaigning to remove something just because you suspect it might be
> bad is really not nice -- it will result in random clueless people
> believeing you when perchance they should not :-)
>
> --jhawk

- - - - - - - - - - - - - - - - -