IP address spoofing using Source Routing

ip-address source-routing

Solution 1:

Now there's some good thinking. But fear not, this is already a known attack:

  • http://www.citi.umich.edu/u/provos/papers/secnet-spoof.txt
  • http://technet.microsoft.com/en-us/library/cc723706.aspx

Its danger is mitigated by the fact that source routed packets are generally blocked at organizations' boundaries, and also the fact that source routing is disabled by default in server OSes such as FreeBSD and OpenBSD (and at least some of the Linux distributions, e.g. Arch Linux). Quoting from that first link:

The impact of this advisory is greatly diminished due to the large number of organizations which block source routed packets and packets with addresses inside of their networks. Therefore we present the information as more of a 'heads up' message for the technically inclined, and to re-iterate that the randomization of TCP sequence numbers is not an effective solution against this attack.

Related

Can't install tap driver using tapinstall.exe for OpenVPN when run from a .bat file, but it works when running OpenVPN installer
Occasional text printing - inkjet or laser?
Replace HD with SSD in MacBook where CD/DVD drive is broken
Is it wasteful to call cat?
How to fullscreen application across both monitors of dual head display?
Changing desktop background picture from stretch on Windows 7
batch - File last modification time with seconds
Disable "unlock" sound in Windows 8
Assign IP's to certian mac addresses in dd-wrt
Can Robocopy ensure file integrity?
What do I need to know before using an HTTP proxy?
hosts file and unblocked subdomains