Firewalls: Re: What is IP Source Routing?

Firewalls
(May 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re: What is IP Source Routing?
From:	tdn @ tdn . xyplex . com (Thomas D. Nadeau)
Date:	Thu, 12 May 94 16:42:45 EDT
To:	qjohnson @ intellistor . com
Cc:	firewalls @ GreatCircle . COM
In-reply-to:	<9405121609 . AA03707 @ whizbang . Intellistor . COM> (qjohnson @ intellistor . com)

> 
> What is IP Source Routing?  The only definition I can come up
> with on my own would have been the same as the IP forwarding.
>qj> If a router believes an ICMP redirect message from the outside,
>qj> then attackers can teach your router (in our discussion a
>qj> dual-homed host is acting as a router) to use incorrect routes.
>qj> This is badness!

	
	IP source routing is, in general, a bad thing, and you should make
sure that all of your routers disregard source-routed packets, or
ignore the source route portion of an IP packet.  IP source routing
should *only* be used for debugging networks. 

	--tOm

/---------------------------------------------------------------------/
\                                                                     \
/  Thomas D. Nadeau                            ========      ======== /
\  Internetworking Software                      =======   =========  \
/  Xyplex, Inc.                                   =======  ======     /
\  295 Foster Street,                             ========  ==        \
/  Littleton, MA 01460                       -------=======  -------  /  
\                                                  ========  ==       \
/  Voice:  (508) 952-4837                         =======  ======     /
\  FAX:    (508) 952-4887                       =======   =========   \
/  email:  tdnadeau @
 eng .
 xyplex .
 com            ========    ==========  /
\                                                                     \
/---------------------------------------------------------------------/

References:

Re: What is IP Source Routing?
From: qjohnson @ intellistor . com (Quentin Johnson)

Indexed By Date	Previous:	Re: What is IP Source Routing? From: reh @ cs . UMD . EDU (Richard Huddleston)
Indexed By Date	Next:	Re: Ports that SHOULDN't be blocked (fwd) From: Justin <jc @ shadow . net>
Indexed By Thread	Previous:	Re: What is IP Source Routing? From: qjohnson @ intellistor . com (Quentin Johnson)
Indexed By Thread	Next:	Re: What is IP Source Routing? From: Brent Chapman <brent @ mycroft . GreatCircle . COM>