Open relays and open proxies

Mailman List Mirror (Read Only)
1

[CC list cleaned up]

I think the most basic thing that any xSP could do to prevent relays and other
basic address spoofing would be to disable source ip routing in every router
that's installed. I would prevent a lot of abuse.

Curt

Can you support with data either:
1) IP source routing is used for "lots of abuse"
2) disabling IP source routing would prevent "lots of abuse"

LSRR is a tool utilized to verify network topology and investigate
such things as pointing default, etc. Several SP's require LSRR
at minimum on border routers for this reason.

2

It was explained to me by one of the kind folks at isc.org that my assertions
were incorrect and why. I now stand corrected. my humblest apologies for
the use of the bandwidth.

Curtis