Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!sundc!pitstop!sun!decwrl!decvax!ucbvax!ORVILLE.NAS.NASA.GOV!lekash
From: lekash@ORVILLE.NAS.NASA.GOV
Newsgroups: comp.protocols.tcp-ip
Subject: Re: On broadcasts, congestion and gong
Message-ID: <8710262014.AA20401@orville.nas.nasa.gov>
Date: Mon, 26-Oct-87 15:14:43 EST
Article-I.D.: orville.8710262014.AA20401
Posted: Mon Oct 26 15:14:43 1987
Date-Received: Wed, 28-Oct-87 19:59:48 EST
References: <8710260247.aa15238@Huey.UDEL.EDU>
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 16

> Hosts that gratuitously offer to function as gateways are probably the
> single most dangerous and destructive animal that the Internet has
> ever seen.

yeah, and its all due to a random decision to make the default
distribution under 4.2/4.3 be ipforwarding and sendredirects on.
Every vendor doesn't bother to change them.

Here, I have instilled in our operations people the need to always
turn these off by default on every machine that comes in, and
only those machines that are gateways get it enabled.  Along with
tcpnodelack, and other default options that cause grave annoyance
value.  A few slip through the cracks, but quick action by the TCP/IP 
police stomps on such offenders.

						john