Re: Worldnet.att.net via Linux PPP ConnectionRep

["David L. Craig" <dlc@g1.com>]

As Bruce Perens wrote:

> Message-Id: <[🔎] m0v1fQi-0007oyC@mongo.pixar.com>
> Date: Fri, 13 Sep 96 14:05 PDT
> From: bruce@pixar.com (Bruce Perens)
> To: clameter@waterf.org (Christoph Lameter), "David L. Craig" <dlc@g1.com>
> Subject: Re: Worldnet.att.net via Linux PPP Connection
> Cc: debian-user@lists.debian.org
> Reply-To: Bruce Perens <Bruce@pixar.com>

> I'd like to hear a good explanation of what the security problem is,
> and why anyone would want to use source routes.

The only legitimate use of source routing of which I am aware
is for testing explicit network routes, determining their
RTTs, etc.  Illegitimate uses are attacks employing address
spoofing, sequence number guessing, ICMP Redirects,  and
undoubtedly many other methods, with results running from
denial of service to complete compromise of a host.  I am not
enough of a security maven to provide a better explanation,
though I'm trying to become more knowledgable.  "Firewalls
and Internet Security" by Cheswick and Bellovin makes for
sobering reading, but leaves much as an exercise to the
reader.  Perhaps the more knowledgable, like Alan Cox, could
provide a satisfactory explanation.

Again, my point is:  shouldn't there be a mention of the basics
(be sure IP forwarding and source routing are not enabled) with
an end user level of explanation of why not, a pointer to more
info, and an encouragement to be sure the local network admin
is aware of the link?