|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: If you have nothing to hide
Thus spake <[email protected]> > <snip> > > our packets. While I'm certainly in favor of anything edge providers can > > do to eliminate denial of service attacks based on source-routing, > > I certainly don't want anything further. > <snip> > > denial of service based upon source routing? I hadn't heard of any denial > of service attacks of that sort. > > Disabling source-routing is like filtering icmp, sure you might block > a few abuses, but more often than not, you are throwing out legitimate > traffic. I can't come up with any legitimate reason to use source-routed packets today. If your routers even support them, they probably consume orders of magnitude more processing power than normal packets; that is enough reason to disable source-routing, not to mention the security implications. S
|