I know certain things about source routing:
- Stated purpose (see RFC 791) was to allow the specification of routing
information to be used by gateways.
- I know how to code source routed packets under UNIX (or Linux).
- They can be used in attacking TCP/IP hosts (see IPEXT paper on
weaknesses in the TCP/IP protocol.
- Microsoft's tracert module purportedly has an option to use
loose source-routing to debug network problems (this is their
version of traceroute).
- Some networks configure their routers to reject source-routed packets.
- Firewalls should reject source-routed packets.
What I am curious about is what functions or applications, if any, commonly use source-routing. I haven't noticed any Telnet clients that, for example, could specify a loose source-routing to contact a particular host. I have searched the Comer series on Internetworking with TCP/IP and other references, but see little information on actual usage.
Ray Hooker, rayhook @
Secure I/T Inc.