Re: Worldnet.att.net via Linux PPP Connection
On Fri, 13 Sep 1996, Bruce Perens wrote:
> I'd like to hear a good explanation of what the security problem is,
> and why anyone would want to use source routes.
The security problem? Basically, if you've got source routing enabled, I
can send bad IP packets to your machine and they'll get there. By 'bad' I
mean, say, packets with a wrong 'Source IP' field.
This can be used to get packets from 'outside' through a firewall and make
the packets look like they came from 'inside' to the destination machine,
I believe.
And of course, this is kinda 'helpful' to crack services (eg rsh, etc.)
that put trust into specific IP numbers.
I don't know it that was very clear, but at least it was some kind of an
explanation. Please keep 'Drop source routed frames' enabled in the Debian
kernels.
Christian
Reply to: