1 |
On Thu, October 6, 2005 7:37 pm, Tad Glines said: |
2 |
> Most infrastructure routers on the net drop/block packets with source |
3 |
> route options so spoofing the source IP of a TCP conversation is not |
4 |
> generally practical over the internet. |
5 |
|
6 |
To be sure, drop source-routed packets at your own firewall too. Don't |
7 |
rely on "most" infrastructure to do it for you. |
8 |
|
9 |
-Eric |
10 |
|
11 |
-- |
12 |
arctic bears - email and dns services |
13 |
http://www.arcticbears.com |
14 |
|
15 |
-- |
16 |
gentoo-security@g.o mailing list |