---------- Forwarded message ---------- Date: Sun, 5 Jun 1994 23:46:22 LCL From: William <billw@GLARE.CISCO.COM> To: Multiple recipients of list TCP-IP <TCP-IP%PUCC.BITNET@cmsa.Berkeley.EDU> Subject: Re: Is IP source routing a bad idea? A correct and bug-free implementation of IP source routing allows any host on the internet to masquerade as any IP address that it would like to, thus breaking any access control based on the source IP address (eg, most of the unix r-utilities.) Exactly how to do this is left as an excercise to the reader, but the fundamental problem is that the source route allows the packet to travel "through" possibly suspect IP entities that have not had the slightest amount of authentication as "trustworthy" routers applied to them. BillW cisco ========================================================================== Tentacle food for thought?