Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!ames!pasteur!ucbvax!LANL.GOV!cpw%sneezy
From: cpw%sneezy@LANL.GOV (C. Philip Wood)
Newsgroups: comp.protocols.tcp-ip
Subject: Loose and Strict source routing
Message-ID: <8901311512.AA05344@sneezy.lanl.gov>
Date: 31 Jan 89 15:12:50 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 17

RFC 1009 states that it is important for gateways to implement both the
Loose and Strict Source Route IP options (Page 13). Why?

Hackers in the know have indicated that, with those tools, they can bypass
IP address checks which various hosts have set up to attempt a source host
access check.

Is it worth considering not honoring these options in a production
environment such as MILNET and ARPANET? Or, could Hosts be required to have
an operating system option which allows an administrator to signal that
these packets be dropped?

What other ways are there to defend against this kind of internet spoofing?
Are there other ways to spoof a source address in an Internet environment
besides LSRR and SSRR?

Phil Wood, cpw@lanl.gov