|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical [[email protected]: Fwd: Re: If you have nothing to hide]
In message <[email protected]>, [email protected] et writes: > >I was not aware that responses to source-routed packets were themselves >source-routed. I also don't believe it is the case, but am open to being >contradicted. If the responses aren't source-routed, then the packets would >only return through your network if your network was the path back to the >spoofed source. A friend of mine directed me to this thread. Source routed packets can indeed be used to spoof IP connections, and I've written a tool to do it. It's available at http://www.synacklabs.net/projects/lsrtunnel If you simply want to check host behaviour to see if you can spoof connections, I've written a scanner at http://www.synacklabs.net/projects/lsrscan Short story is Solaris < 8 will reverse source routes by default, and Windows boxes will reverse source routes by default. The BSDs and Linuces I've tested mostly block source routed packets by default. Todd
|