North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Access to the Internic Blocked
> >On itself, LSRR is a godsend to hackers (i can think of about > >a dozen of very nasty attacks using general LSRR). The only > >useful application for it is traceroute. > > > >Why don't router vendors provide an option to turn it > >off for everything but ICMP ECHO? > > Personally I find this an excellent suggestion. So now I need to hack my traceroute to send ICMP_ECHO_REQUESTS instead of high-port udp packets? Oh well, I guess we can put this right next to the patches to have traceroute send TCP SYNs to get through stupid firewalls. --jhawk - - - - - - - - - - - - - - - - -
|