Date: Thu, 06 Feb 1997 11:02:18 -0800 From: David Greenman <dg@root.com> To: Bill Fenner <fenner@parc.xerox.com> Cc: Oliver Friedrichs <oliver@secnet.com>, freebsd-bugs@freebsd.org Subject: Re: Security advisory Message-ID: <199702061902.LAA18156@root.com> In-Reply-To: Your message of "Thu, 06 Feb 1997 08:22:12 PST." <97Feb6.082224pst.177476@crevenia.parc.xerox.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>Just out of curiosity, why is disabling source-routing entirely >suggested? Usually filtering out packets with source addresses >in your network is sufficient, and source routing is useful for >diagnostics and it's annoying when it's arbitrarily disabled. I think the main reason is that it allows someone to pretend to be on a specific network when he really isn't. Any security that makes this assumption is going to be broken by this. -DG David Greenman Core-team/Principal Architect, The FreeBSD Project
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702061902.LAA18156>