"You know, there's quite a difference between source routing and
IP spoofing .."
As true as this statement is, the two walk hand in hand (especially during
If I send an attack from a spoofed address to a victim, I can turn blue in
the face waiting for a response that will never come.
If I spoof an address and use loose source routing I can force the response
to return right through my network.
I was not aware that responses to source-routed packets were themselves
source-routed. I also don't believe it is the case, but am open to being
contradicted. If the responses aren't source-routed, then the packets would
only return through your network if your network was the path back to the
Also loose source routing can be used for Man-in-the-middle attacks by using
a loose source route you can force all traffic to pass through the attackers
You could make the outbound traffic pass through a secondary target, but with
software-processing of ip options, your goodput of dos payload may go
way down. You are more likely to take down something closer to yourself
and self-limit the attack.