Re: Worldnet.att.net via Linux PPP Connection

To: Bruce Perens <bruce@pixar.com>
Cc: debian-user@lists.debian.org
Subject: Re: Worldnet.att.net via Linux PPP Connection
From: Christian Hudon <chrish@libertel.montreal.qc.ca>
Date: Fri, 13 Sep 1996 20:34:40 -0700 (PDT)
Message-id: <[🔎] Pine.SGI.3.95.960913202523.26889B-100000@ana.libertel.montreal.qc.ca>
In-reply-to: <[🔎] m0v1fQi-0007oyC@mongo.pixar.com>

On Fri, 13 Sep 1996, Bruce Perens wrote:

> I'd like to hear a good explanation of what the security problem is,
> and why anyone would want to use source routes.

The security problem? Basically, if you've got source routing enabled, I
can send bad IP packets to your machine and they'll get there. By 'bad' I
mean, say, packets with a wrong 'Source IP' field.

This can be used to get packets from 'outside' through a firewall and make
the packets look like they came from 'inside' to the destination machine,
I believe.

And of course, this is kinda 'helpful' to crack services (eg rsh, etc.)
that put trust into specific IP numbers.

I don't know it that was very clear, but at least it was some kind of an
explanation. Please keep 'Drop source routed frames' enabled in the Debian
kernels.

  Christian

Reply to:

References:
- Re: Worldnet.att.net via Linux PPP Connection
  - From: bruce@pixar.com (Bruce Perens)

Prev by Date: Re: execute permissions in /etc/init.d
Next by Date: X authorization
Previous by thread: Re: Worldnet.att.net via Linux PPP Connection
Next by thread: Re: Worldnet.att.net via Linux PPP ConnectionRep
Index(es):
- Date
- Thread