Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: [nsp] known networks for broadcast ping attacks

  • From: Greg Ketell
  • Date: Tue Aug 12 13:32:09 1997

-----BEGIN PGP SIGNED MESSAGE-----

At 05:14 PM 8/12/97 +0100, you wrote:
>
>> All this talk of spoofing is getting me a bit confused.  What

exactly is
>> the difference between source-routing and spoofing?
>> 
>> Just trying to understand a bit more,
>> 
>> Charles


 [Rtr A] --------- | internet cloud  |  -----------[Rtr B]
                      -------------------------
                                            |----------[Rtr C]

Spoofing:
Some hacker connected to Rtr C sends a packet to Rtr B altering 
the packet so the source address says it came from Rtr B.  If 
your (you are behind B) filters don't block packets from the 
internet coming from yourself then the hacker is into your 
network.

Source Routing:
Hacker is behind C.  He finds out that you fully trust A and do 
no filtering for A.  He sends packets to your network via Rtr A.

 In this case they go from C to A to B but the hacker does not 
have to be smart enough to alter the packets, he just sets the 
source route option and he is into your network.

So, as protection for others you turn off source routing.  As 
protection for yourself you setup up filters that say "deny all 
inbound packets coming from my network".  As further protection 
for others you setup filters that say "deny all outbound packets

that are Not from my network".  If all ISPs were to do this last

one then hacking would pretty much stop because hackers would be

caught in a second.

GK
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQEVAwUBM/CWpG384++etaQJAQGPuwf+KLEpMDdvboWmnnHbHcwsFEHlNCgnKYXL
TZM6yZoJPx7TGC0kzm//3hDXVA2MX4gIbFsI96Bf/GBKDArzIjFGwVZHG94vV6uA
V9t1szjo6VGSfnfqGdG3TIkl/3yVeHU9WGsYL8OaDRZDvQT17FO8d/xCT74igh85
FtDlMSf/vBY9K8sZb9yEvKaUXI+eIPbcUjqSEfdh3NV8L7mWiBkwWskky87PSIvl
3DpmjhDiJwjhSNslXb8p5pniLeOtp3qdvZzHAKoDfr0/XepXBFH/VQ4JRSAbuvm7
jojUK8DEJfkCvTQ9P022hvvXYAKwjqwgDaOK7R95/WKFETROakLvxg==
=FIS/
-----END PGP SIGNATURE-----





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.