Subject: Re: illegal network routes and a ponderance
To: None <>
From: Wolfgang S. Rupprecht <>
List: tech-net
Date: 02/21/2003 18:34:55
> ... the right thing to do is not to disable source routing, but to
> fix sendmail (or run something else, something that _does_ know that
> peer IP addresses cannot be trusted unless any source-route options
> have been explicitly removed).

Fixing all the code that makes assumptions based solely on the IP
address would certainly be a good thing.  Here are some of them that
come to mind:

        sendmail, postfix  (relay checks)
        inn                (posting, reading)
        apache             (enforce local-only pages)

Given the choice of either teaching the programs about checking for
either form of source routing, or not using "traceroute -g" across my
ipf filter, I'll personally choose the lazy way out and not use the
traceroute. ;-)

Now, if one were to "fix" getpeername(), accept() et al. to return
the true source of the IP datagram, the effect of accepting LSR and
SSR might not be that great.

Wolfgang S. Rupprecht

(NOTE: The email address above is valid.  Edit it at your own peril.)
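The check the post says every such program would need, written out as an added example (not code from the post or from any of the programs named): after accept(), read the IP options the kernel kept for the connection and refuse to treat the peer address as trustworthy if an LSRR or SSRR option is present. It assumes a POSIX system that supports getsockopt(IP_OPTIONS); the 4-byte first-hop prefix skipped on BSD-derived systems is an assumption about the 4.4BSD ipoption layout.

```c
/* Added example: detect IPv4 source-route options on an accepted
 * connection so a server does not base trust on a spoofable peer address.
 * Assumes POSIX sockets with IP_OPTIONS (BSD, Linux). */
#include <netinet/in.h>
#include <sys/socket.h>
#include <stddef.h>

#define OPT_EOL  0     /* end of option list */
#define OPT_NOP  1     /* single-byte padding */
#define OPT_LSRR 131   /* loose source and record route */
#define OPT_SSRR 137   /* strict source and record route */

/* Walk a raw IPv4 option block.  Returns 1 if LSRR or SSRR is present,
 * 0 if the block is clean, -1 if it is malformed (treat as untrusted). */
int has_source_route(const unsigned char *opts, size_t len)
{
    size_t i = 0;
    while (i < len) {
        unsigned char type = opts[i];
        if (type == OPT_EOL)
            return 0;
        if (type == OPT_NOP) { i++; continue; }
        if (i + 1 >= len)                 /* length byte missing */
            return -1;
        unsigned char optlen = opts[i + 1];
        if (optlen < 2 || i + optlen > len)
            return -1;                    /* bogus length */
        if (type == OPT_LSRR || type == OPT_SSRR)
            return 1;
        i += optlen;
    }
    return 0;
}

/* After accept(): fetch the options the kernel kept for this connection.
 * Returns 1 if the peer address must not be trusted, 0 if it may be. */
int peer_is_source_routed(int fd)
{
    unsigned char buf[44];                /* 40 option bytes + BSD prefix */
    socklen_t n = sizeof buf;
    size_t skip = 0;
    if (getsockopt(fd, IPPROTO_IP, IP_OPTIONS, buf, &n) < 0)
        return 1;                         /* cannot tell: fail closed */
#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__OpenBSD__)
    skip = 4;  /* assumption: 4.4BSD prepends the first-hop address */
#endif
    if (n <= skip)
        return 0;                         /* no options at all */
    return has_source_route(buf + skip, n - skip) != 0;
}
```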