Firewalls: Re: Notes from Usenix Firewall BOF

Firewalls
(June 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Notes from Usenix Firewall BOF
From:	smb @ research . att . com
Date:	Wed, 15 Jun 94 15:16:24 EDT
To:	crow!rik @ uunet . uu . net
Cc:	firewalls @ greatcircle . com

	 Most popular attacks currently are:
	 3) source routing.

Let me expand on this one a bit, since the subject has recently come
up on Firewalls.  The attack Ed mentioned -- as I understood it, at
least -- is to source route to, and then through, a dual-homed bastion
host.  This is a way to bypass a firewall.

The moral:  *don't* allow source-routed packets through.  Period.

Follow-Ups:

Re: Notes from Usenix Firewall BOF
From: Christopher Klaus <cklaus @ shadow . net>

Indexed By Date	Previous:	penetration studies From: David Cohen <decohen @ maestro . com>
Indexed By Date	Next:	RFC 1597 From: andras @ is . co . za (Andras Salamon)
Indexed By Thread	Previous:	Notes from Usenix Firewall BOF From: crow!rik @ uunet . uu . net (Rik Farrow 602 282 0242 MST)
Indexed By Thread	Next:	Re: Notes from Usenix Firewall BOF From: Christopher Klaus <cklaus @ shadow . net>