Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1996_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1996: Re: Router programming,source routes and spoofed ICMP attacks.

Re: Router programming,source routes and spoofed ICMP attacks.

Alan Brown (alanmanawatu.planet.org.nz)
Mon, 24 Jun 1996 19:57:06 +1200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: martinhmailhost.emap.co.uk: "Re: Sendmail 6.x+ holes?"
Previous message: Rowan Smith: "Re: nuke"

On Sat, 22 Jun 1996, der Mouse wrote:

> "Fixing" this by dumping source routes is like "fixing" nuke.c by
> dropping ICMP packets - it's going at it all wrong.

Looked at from a purist point of view, yes.

Securicor 3net's Ace routers have a very large warning in their manuals
that enabling source routing may leave you open to attack. Cisco don't,
and because they default to allowing it, many vulnerable admins are
blithely unaware of the risks they may be taking.

I agree that not allowing source routing to be enabled is wrong, but I
feel that leaving it enabled by default without a warning is just as wrong.

AB

Next message: martinhmailhost.emap.co.uk: "Re: Sendmail 6.x+ holes?"
Previous message: Rowan Smith: "Re: nuke"