|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: If you have nothing to hide
> > > "You know, there's quite a difference between source routing and > IP spoofing .." > > > > As true as this statement is, the two walk hand in hand (especially during > certain attacks). > > If I send an attack from a spoofed address to a victim, I can turn blue in > the face waiting for a response that will never come. > If I spoof an address and use loose source routing I can force the response > to return right through my network. I was not aware that responses to source-routed packets were themselves source-routed. I also don't believe it is the case, but am open to being contradicted. If the responses aren't source-routed, then the packets would only return through your network if your network was the path back to the spoofed source. > Also loose source routing can be used for Man-in-the-middle attacks by using > a loose source route you can force all traffic to pass through the attackers > network. You could make the outbound traffic pass through a secondary target, but with software-processing of ip options, your goodput of dos payload may go way down. You are more likely to take down something closer to yourself and self-limit the attack. > Strict source routing does not benefit an attacker, but as I said loose > source routing does.
|