Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Firewall comparison in Data Communications

From: Alexander Schreiber <Alexander.Schreiber () informatik tu-chemnitz de>
Date: Wed, 2 Jun 1999 12:41:00 +0200 (MET DST)
On Mon, 31 May 1999, Brian Steele wrote:


<newbie-mode>What's a "source-routed packet"?  And what danger does it pose
to a Firewall?</newbie-mode>


It's a packet that contains a list of nodes to route it through. If you know
enough about the network structure behind a gateway machine (simple router,
firewall, ...) that does _not_ drop such packets on the floor you can happily
access machines that you should not be able to.

Every at least partly sane network admin therefore has his systems configured
to drop this kind of packet right on the floor - and probably report them
as _very_ lame attack attempt.

Regards,
        Alex.
-- 
------------------------------------------------------------------------------ 
 EMail : als () informatik tu-chemnitz de | WWW : http://www.tu-chemnitz.de/~als
 If privacy is outlawed, only outlaws will have | Ceterum censeo Parva Mollia
 privacy. (Philip Zimmerman, author of PGP)     | esse delendam.
Previous By Date Next
Previous By Thread Next

Current thread: