|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ICMP Attacks???????
Just for the record -- the first description of such mechanism is in Sep 95 draft for TRAP ICMP: "Trace Back messages allow to locate the source of a stream of packets even if they carry incorrect or forged source address. Trace Back message causes a gateway to install a "trap" route to the specified desti- nation, to catch the incoming packet to that destination. Once the packet is received, the gateway reports it to the trace initiator, removes the trap, and sends the Trace Back message to the neighbour gateway the message came from. A trap expires (thus terminating the trace) if no packet addressed to the destination is received." --vadim "Alex.Bligh" writes: > > The other nice solution would be an inverse traceroute that went > back to each router in turn, passing it a bit of BPF saying "where > are you getting packets like this from please?". If such a protocol > existed...
|