22 Aug
1996
22 Aug
'96
1:52 a.m.
On itself, LSRR is a godsend to hackers (i can think of about a dozen of very nasty attacks using general LSRR). The only useful application for it is traceroute.
Why don't router vendors provide an option to turn it off for everything but ICMP ECHO?
Personally I find this an excellent suggestion.
So now I need to hack my traceroute to send ICMP_ECHO_REQUESTS instead of high-port udp packets? Oh well, I guess we can put this right next to the patches to have traceroute send TCP SYNs to get through stupid firewalls. --jhawk