Re: ICMP Attacks???????

[Edward Henigin <ed () texas net>]

        Interesting.

        I think router vendors are going to have to implement this.

        (I know I know, this probably belongs on com-priv.. but...)

        For the Internet to grow in its economic viablility,
you have to make the men in suits happy.  Part of making the men
in suits happy is by maintaining security and accountability in
your networks.  It sounds like TRAP ICMP goes a long way towards
solving many of the problem's we've seen of late... 

        I mean, the way things work on the Internet right now, I'm
surprised some teenage hackers haven't set up protection rackets...
with the lack of accountability, lack of cooperation, etc, in 
today's backbones, it wouldn't be hard to say "Hey Microsoft,
pay me $50K/mo or I'll make your web servers totally useless..."


--
On Sun, Aug 17, 1997 at 05:35:46PM -0700, Vadim Antonov said:
> Just for the record -- the first description of such mechanism
> is in Sep 95 draft for TRAP ICMP:
>
>    "Trace Back messages
>    allow to locate the source of a stream of packets even if they
>    carry incorrect or forged source address.  Trace Back message
>    causes a gateway to install a "trap" route to the specified desti-
>    nation, to catch the incoming packet to that destination.  Once the
>    packet is received, the gateway reports it to the trace initiator,
>    removes the trap, and sends the Trace Back message to the neighbour
>    gateway the message came from.  A trap expires (thus terminating
>    the trace) if no packet addressed to the destination is received."
>
> --vadim