Want to wait until SYN attacks are augmented with LSRR-enabled traffic randomization to the point of making it nearly impossible to trace?
They're optioned packets, I imagine tracing them is easier and one is able to bludgeon one's vendor into putting in better tracing for you without them having a cow.
People knew about SYN flooding for years. Nothing happened until s*t hit the fan. I strongly suspect that LSRR is of the same category.
I doubt it. As I said, anyone who's affected can cure themselves.
Please don't take our LSRR away from us, it is very useful.
Per se, LSRR is not useful. traceroute -g is.
Lately I feel like I'm the single person on the planet who actually uses LSRR for stuff. I do use loose source telnet on the average of once a week...
Why not to implement something saner like traceroute servers?
You go implement your traceroute servers everywhere I need them and THEN come back and ask me to shut it off and I'll consider it.
Or better yet, the ICMP TRACEROUTE message, which would go hop by hop and on every hop generates a response message. Augmented with PROXY TRACEROUTE which will cause the destination box to send out the ICMP TRACEROUTE.
I can write RFC in my copious spare time if you think that this makes more sense than the UDP kludge.
I'm not convinced it makes more sense. As I said to smd in response to his similar comments, the beauty of the current traceroute is that it's hard for idiots to turn it off. Very few other solutions have this wonderful property. --jhawk