North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Open relays and open proxies

  • From: Curtis Maurand
  • Date: Mon Apr 28 00:20:47 2003


It was explained to me by one of the kind folks at isc.org that my assertions 
were incorrect and why.  I now stand corrected.  my humblest apologies for 
the use of the bandwidth.

Curtis

On Saturday 26 April 2003 16:34, bdragon@gweep.net wrote:
>  [CC list cleaned up]
>
> > I think the most basic thing that any xSP could do to prevent relays and
> > other basic address spoofing would be to disable source ip routing in
> > every router that's installed.  I would prevent a lot of abuse.
> >
> > Curt
>
> Can you support with data either:
> 1) IP source routing is used for "lots of abuse"
> 2) disabling IP source routing would prevent "lots of abuse"
>
> LSRR is a tool utilized to verify network topology and investigate
> such things as pointing default, etc. Several SP's require LSRR
> at minimum on border routers for this reason.