-----BEGIN PGP SIGNED MESSAGE----- At 05:14 PM 8/12/97 +0100, you wrote:
All this talk of spoofing is getting me a bit confused. What
exactly is
the difference between source-routing and spoofing?
Just trying to understand a bit more,
Charles
[Rtr A] --------- | internet cloud | -----------[Rtr B] ------------------------- |----------[Rtr C] Spoofing: Some hacker connected to Rtr C sends a packet to Rtr B altering the packet so the source address says it came from Rtr B. If your (you are behind B) filters don't block packets from the internet coming from yourself then the hacker is into your network. Source Routing: Hacker is behind C. He finds out that you fully trust A and do no filtering for A. He sends packets to your network via Rtr A. In this case they go from C to A to B but the hacker does not have to be smart enough to alter the packets, he just sets the source route option and he is into your network. So, as protection for others you turn off source routing. As protection for yourself you setup up filters that say "deny all inbound packets coming from my network". As further protection for others you setup filters that say "deny all outbound packets that are Not from my network". If all ISPs were to do this last one then hacking would pretty much stop because hackers would be caught in a second. GK -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQEVAwUBM/CWpG384++etaQJAQGPuwf+KLEpMDdvboWmnnHbHcwsFEHlNCgnKYXL TZM6yZoJPx7TGC0kzm//3hDXVA2MX4gIbFsI96Bf/GBKDArzIjFGwVZHG94vV6uA V9t1szjo6VGSfnfqGdG3TIkl/3yVeHU9WGsYL8OaDRZDvQT17FO8d/xCT74igh85 FtDlMSf/vBY9K8sZb9yEvKaUXI+eIPbcUjqSEfdh3NV8L7mWiBkwWskky87PSIvl 3DpmjhDiJwjhSNslXb8p5pniLeOtp3qdvZzHAKoDfr0/XepXBFH/VQ4JRSAbuvm7 jojUK8DEJfkCvTQ9P022hvvXYAKwjqwgDaOK7R95/WKFETROakLvxg== =FIS/ -----END PGP SIGNATURE-----