Hints at spoofing given on TCP-IP Listserv...
NetSurfer
jdwilson at gold.chem.hawaii.edu
Mon Jun 6 10:20:10 PDT 1994
---------- Forwarded message ----------
Date: Sun, 5 Jun 1994 23:46:22 LCL
From: William <billw at GLARE.CISCO.COM>
To: Multiple recipients of list TCP-IP <TCP-IP%PUCC.BITNET at cmsa.Berkeley.EDU>
Subject: Re: Is IP source routing a bad idea?
A correct and bug-free implementation of IP source routing allows
any host on the internet to masquerade as any IP address that it would
like to, thus breaking any access control based on the source IP address
(eg, most of the unix r-utilities.)
Exactly how to do this is left as an excercise to the reader, but the
fundamental problem is that the source route allows the packet to travel
"through" possibly suspect IP entities that have not had the slightest
amount of authentication as "trustworthy" routers applied to them.
BillW
cisco
==========================================================================
Tentacle food for thought?
More information about the cypherpunks-legacy
mailing list