Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: If you have nothing to hide

  • From: Stephen Sprunk
  • Date: Mon Aug 05 11:45:27 2002

Thus spake <bdragon@gweep.net>
> <snip>
> > our packets. While I'm certainly in favor of anything edge providers can
> > do to eliminate denial of service attacks based on source-routing,
> > I certainly don't want anything further.
> <snip>
>
> denial of service based upon source routing? I hadn't heard of any denial
> of service attacks of that sort.
>
> Disabling source-routing is like filtering icmp, sure you might block
> a few abuses, but more often than not, you are throwing out legitimate
> traffic.

I can't come up with any legitimate reason to use source-routed packets today.
If your routers even support them, they probably consume orders of magnitude
more processing power than normal packets; that is enough reason to disable
source-routing, not to mention the security implications.

S





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.