Background: Know: Recognize:




Source routing scenarioEdit


In this scenario, the red node in net 2, as an attacker, spoofs the IP address of 1.1, in order to pretend to be a different node. Node 1.1 in net 2 sends packet, which passes through 2.2 and 3.1 to get to net 4.

With source routing method, this route has been memorized and net 4 considers this information is from net 1 and sends ACK back according to the source route which leads to the spoofer. And the packet will be sent back through 3.1 and 2.2. In this way, attacker can continue to exchange its IP address to steal information.

In contrast, without source routing, when the reply passes through net 3, it would be forwarded towards the destination address (not following source route instructions) and would go to the real node 1.1 in net 1, which would not reply. The attacker wouldn't get the response information, and the connection would not continue.

==See also==

Corresponding TELE9752 lecture slide


source routing