nanog mailing list archives

Re: syn attack and source routing

From: Curtis Villamizar <curtis () ans net>
Date: Wed, 18 Sep 1996 21:09:09 -0400


In message <199609182107.OAA00889 () quest quake net>, Vadim Antonov writes:

John Hawkinson <jhawk () bbnplanet com> wrote:

  i should have been more specific.  i don't like the idea (at all) of
breaking traceroute -g either.  i guess in a more general sense i
should ask "just how dangerous *is* having backbone-wide/internet-wide
loose source routing enabled?".

As Curtis explained, "not very".


Want to wait until SYN attacks are augmented with LSRR-enabled
traffic randomization to the point of making it nearly impossible
to trace?


At the borders hosts that don't want to be attacked just shut off LSRR
at the border router or at the host itself.

Problem solved.  And we still have traceroute "as is".

Curtis
- - - - - - - - - - - - - - - - -

Current thread:

Re: syn attack and source routing, (continued)
- Re: syn attack and source routing Hank Nussbacher (Sep 18)
  - BCP writers Michael Dillon (Sep 18)
- Re: syn attack and source routing Brett D. Watson (Sep 18)
  - Re: syn attack and source routing John Hawkinson (Sep 18)
- Re: syn attack and source routing Brett D. Watson (Sep 18)
- Re: syn attack and source routing Vadim Antonov (Sep 18)
  - Re: syn attack and source routing Paul A Vixie (Sep 18)
    - Re: syn attack and source routing Alexis Rosen (Sep 27)
  - Re: syn attack and source routing John Hawkinson (Sep 18)
    - Re: syn attack and source routing Alec H. Peterson (Sep 19)
  - Re: syn attack and source routing Curtis Villamizar (Sep 18)
- Re: syn attack and source routing Vadim Antonov (Sep 18)
- Re: syn attack and source routing Vadim Antonov (Sep 18)
- Re: syn attack and source routing Paul Ferguson (Sep 21)
  - Re: syn attack and source routing Jeff Young (Sep 21)
- Re: syn attack and source routing Vadim Antonov (Sep 21)
- Re: syn attack and source routing Vadim Antonov (Sep 27)