North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: syn attack and source routing
> From: Hank Nussbacher <[email protected]> > Subject: Re: syn attack and source routing > > Return-Path: <[email protected]> > X-Mailer: Chameleon ARM_55, TCP/IP for Windows, NetManage Inc. > MIME-Version: 1.0 > Content-Type: TEXT/PLAIN; charset=US-ASCII > > > On Wed, 18 Sep 1996 03:17:27 -0400 Curtis Villamizar wrote: > >If source routing is blocked at the end site it doesn't help any > >toturn it off in the backbones and turning it off destroys the ability > >to trace routing problems that customers report (short of finger > >pointing to another provider or giving the customer the run around by > >successive handoffs to other NOCs debugging, any "I can't get there > >from here" is sort of hopeless if you can't traceroute -g). > > Since more and more are blocking source routing and breaking traceroute -g > then those that block it at their router should at the very least make > a WWW traceroute available from their system so as to diagnose those > problems you mention. Almost all those that I have in my web site > (http://www.ibm.net.il/traceroute) are customers connected to major ISPs. > I think the 10 majors should have on their backbones a WWW traceroute > as above. i should have been more specific. i don't like the idea (at all) of breaking traceroute -g either. i guess in a more general sense i should ask "just how dangerous *is* having backbone-wide/internet-wide loose source routing enabled?". -brett - - - - - - - - - - - - - - - - -
|