nanog mailing list archives
Re: syn attack and source routing
From: Vadim Antonov <avg () quake net>
Date: Sat, 21 Sep 1996 11:55:59 -0700
Paul Fergusson wrote:
Deja vu.
Deja vu on deja vu. I remember SYN flooding discussions four or five years ago. Then it was agreed that "who needs that" and "the threat is not significant". Now, has it to be reported by CNN to cause something to be done?
Didn't this same topic crop up a couple of years ago when the IP spoofing-sky-is-falling scare began?
Nah. The "scare" began when silly packet-filtering firewalls were deployed which didn't do disable LSRR, so somebody could use a silly O.S. (like HP-UX) which "did the right thing" about packets with LSRR to gain indirect access to "protected" boxes. The potential to more interesting damage facilitated by LSRR was never explored, to my knowledge. It's a matter of time, though.
If I'm not remiss, the discussion drifted towards encouraging end-system networks to disable source-routing at the entrance to their networks if they were paranoid, but encourage ISP's & transit providers to allow it.
Yawn. That will only last as long as the first ISP will be hit with LSRR-looping amplified flooding attack. If i'm not mistaken that'll nicely kill ciscos (which switching path is used to handle. loose source routing?) --vadim - - - - - - - - - - - - - - - - -
Current thread:
- Re: syn attack and source routing, (continued)
- Re: syn attack and source routing Vadim Antonov (Sep 18)
- Re: syn attack and source routing Paul A Vixie (Sep 18)
- Re: syn attack and source routing Alexis Rosen (Sep 27)
- Re: syn attack and source routing John Hawkinson (Sep 18)
- Re: syn attack and source routing Alec H. Peterson (Sep 19)
- Re: syn attack and source routing Curtis Villamizar (Sep 18)
- Re: syn attack and source routing Paul A Vixie (Sep 18)
- Re: syn attack and source routing Vadim Antonov (Sep 18)
- Re: syn attack and source routing Vadim Antonov (Sep 18)
- Re: syn attack and source routing Paul Ferguson (Sep 21)
- Re: syn attack and source routing Jeff Young (Sep 21)
- Re: syn attack and source routing Vadim Antonov (Sep 21)
- Re: syn attack and source routing Vadim Antonov (Sep 27)
- Re: syn attack and source routing Vadim Antonov (Sep 18)