I would block source-route on anything you can. As a rule of thumb, if
anyone can try to subvert the routing rules already in place, you should try
to stop them.
Source-route can be used to divert the responses to spoofed traffic onto a
network where they can be observed (or so I always keenly believed). It can
also make spoofed traffic look like it has been coming from the same source
as the legitimate source.
I have no idea whether this is the right issue, but I am always at the front
of the queue to tell people to turn it off.
Cheers,
Joe Dauncey
[EMAIL PROTECTED]
----- Original Message -----
From: mssjim <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, October 24, 1999 6:28 AM
Subject: "Source-route" should be blocked??
> Could anybody tell me that is it necessary to block all "source-route"
> at routers (connected to Internet) installed in the public segment of
> the Firewall??
>
> If yes, is it necessary to block "source-route" at routers installed in
> the internal segment of the Firewall and Firewall itself, too??
>
>
> Many thanks
>
>
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
