nanog mailing list archives
[lamour () mail argfrp us uu net: Fwd: Re: If you have nothing to hide]
From: Todd MacDermid <tmacd () synacklabs net>
Date: Thu, 8 Aug 2002 18:14:22 -0400
In message <20020805225221.82473.qmail () sidehack sat gweep net>, bdragon@gweep.net writes:

> I was not aware that responses to source-routed packets were themselves source-routed. I also don't believe it is the case, but am open to being contradicted. If the responses aren't source-routed, then the packets would only return through your network if your network was the path back to the spoofed source.

A friend of mine directed me to this thread. Source routed packets can indeed be used to spoof IP connections, and I've written a tool to do it. It's available at

http://www.synacklabs.net/projects/lsrtunnel

If you simply want to check host behaviour to see if you can spoof connections, I've written a scanner at

http://www.synacklabs.net/projects/lsrscan

Short story is Solaris < 8 will reverse source routes by default, and Windows boxes will reverse source routes by default. The BSDs and Linuces I've tested mostly block source routed packets by default.

Todd