Well all he has to be specific about is the version of Sun OS that he is
running. If it is SunOS4.1.X you need to patch the kernal to turn off
source routing. (this patch is to the best of my knowledge not supported
by SUN) it can be found in the archives of this mailing list. If it is
Solaris 2.X I have been told you can turn off ip source routing using
ndd. I have not verified the part about Solaris.
Mike
( ( | ( Mike Malik (mam @
ssds .
com)
) ) (| ), inc. 9841 Broken Land Parkway,Suite 100
business driven Columbia, MD 21046
technology solutions 410-381-4313 FAX: 410-381-2170
On Fri, 5 Jan 1996, Frank Willoughby wrote:
> Date: Fri, 5 Jan 96 09:37:15 -0500
> From: Frank Willoughby <frankw @
in .
net>
> To: Neil <CARSON @
rmcs .
cranfield .
ac .
uk>
> Cc: firewalls @
GreatCircle .
COM
> Subject: Re: Source Routed Packets
>
> Neil,
>
>
> >I am currently using, in a trial firewall, a Sun SPARC 10 running a kernel
> >with IP packet forwarding turned off.
> >
> >The only problem is that SunOS will still (I believe) allow IP source
> >routed packets through the bastion host.
> >
>
> It is difficult to tell which firewall you are evaluating. Can you be
> more specific?
>
>
> >Is there a software fix for this available that does not mean buying a
> >screening Cisco or something like that?
> >
> > Yours Aye,
> >
> > Neil
> >
> >* Neil A Carson
> >* The Royal Military College of Science, Shrivenham
> >* e-mail carson @
rmcs .
cranfield .
ac .
uk
> >* Address: Kitchener Mess, RMCS, Shrivenham SN6 8LA. Tel: (01793) 784428 (Home)
>
> Best Regards,
>
>
> Frank
> Fortified Networks Inc. - Management & Information Security Consulting
> Phone: (317) 573-0800 - http://www.fortified.com/fortified/
>
> <standard disclaimer>
> The opinions expressed above are of the author and may not
> necessarily be representative of Fortified Networks Inc.
>
>
References:
|
|
