Firewalls: Re: IP source routing

Firewalls
(November 1993)

Indexed By Thread: [Previous] [Next]

Subject:	Re: IP source routing
From:	gt6468c @ prism . gatech . edu (Christopher Klaus)
Date:	Tue, 23 Nov 1993 01:23:59 -0500 (EST)
To:	pmetzger @ lehman . com
Cc:	firewalls @ greatcircle . com
In-reply-to:	<9311230142 . AA23809 @ snark . lehman . com> from "Perry E. Metzger" at Nov 22, 93 08:42:11 pm

> > Is this a no-brainer, and one should definitely turn it OFF, or is the only
> > security problem that another host can masquerade in pings or traceroutes?
> 
> Turn it off on your firewall. Pass no source routed packets, period,
> or you might find all sorts of very evil attacks being
> perpetrated. Indeed, turn it off anywhere you can -- internally if you
> can manage it.

I am wondering if there is a test to remotely see if IP Forwarding is
turned on a host?  Like if I admin a large network and there are
several nets within mine in different departments, and I want to see
if a particular machine has IP Forwarding, I am wondering would there
be a good way to remotely bounce a packet that would check for ip-forwarding
or not?



-- 
Christopher William Klaus
Internet: gt6468c @
 prism .
 gatech .
 edu coup @
 gnu .
 ai .
 mit .
 edu cklaus @
 hotsun .
 nersc .
 gov
26468 GaTech Station, Atlanta Georgia, 30332   (404)-206-1513

Follow-Ups:

Re: IP source routing
From: "Perry E. Metzger" <pmetzger @ lehman . com>
Re: IP source routing
From: Tom Fitzgerald <fitz @ wang . com>

References:

Re: IP source routing
From: "Perry E. Metzger" <pmetzger @ lehman . com>

Indexed By Date	Previous:	Re: IP source routing From: mjr @ TIS . COM
Indexed By Date	Next:	Re: IP source routing From: Tom Fitzgerald <fitz @ wang . com>
Indexed By Thread	Previous:	Re: IP source routing From: "Perry E. Metzger" <pmetzger @ lehman . com>
Indexed By Thread	Next:	Re: IP source routing From: Tom Fitzgerald <fitz @ wang . com>