Re[4]: [suse-security] net time \\linuxserver causes martian source?

From: André Sänger (Andre.Saengergmx.de)
Date: Thu Aug 07 2003 - 07:08:49 CDT


Hello Steffen,

Thursday, August 07, 2003, 11:50:37 AM, you wrote:

> (AFAIK) this means: on eth2 arrived a packet for 192.168.80.1
> (sent by 10.68.26.117). Such a packet should arrive on eth0 in
> your case (because it is more "near" to that network). Well, on
> multi-homed boxes this won't work well, because "routing to
> itself" produces this "martian" source - an attack isn't the
> case here I think :-). It is correct to reach a multihomed box by
> any of its IPs from any of "allowed" interfaces (it has to
> "virtually" route to itself, like eth2 -> eth0 routing, but this is
> OK and working). So rp_filter isn't working here.

Thank you very much for the explanation, now I understand.

echo "0" >> /proc/sys/net/ipv4/conf/all/rp_filter
echo "1" >> /proc/sys/net/ipv4/conf/eth1/rp_filter

I edited /sbin/SuSEfirewall2
Works fine (until the next update I guess) :-)

--
Best regards,
 André mailto:Andre.Saengergmx.de
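
The settings discussed above, as an added example that is not part of the original message: a shell function that reads the rp_filter and log_martians values under the conf tree and prints what applies on each interface. It assumes the combination rules given in current kernel documentation (the larger of the "all" and per-interface value for rp_filter, either switch for log_martians), so check the documentation of the running kernel; the function names and the sample tree are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the thread): effective rp_filter / log_martians per interface.
# Assumption: values combine as in current kernel documentation (ip-sysctl):
#   rp_filter    = max(conf/all, conf/<iface>)   0=off 1=strict 2=loose
#   log_martians = conf/all OR conf/<iface>

rp_mode_name() {
    case "$1" in
        0) echo off ;; 1) echo strict ;; 2) echo loose ;; *) echo unknown ;;
    esac
}

# rp_filter_report [CONF_DIR]  (CONF_DIR defaults to the live /proc tree)
rp_filter_report() {
    conf_dir="${1:-/proc/sys/net/ipv4/conf}"
    [ -r "$conf_dir/all/rp_filter" ] || { echo "cannot read $conf_dir/all/rp_filter" >&2; return 1; }
    all_rp=$(cat "$conf_dir/all/rp_filter")
    all_lm=$(cat "$conf_dir/all/log_martians" 2>/dev/null || echo 0)
    for d in "$conf_dir"/*/; do
        iface=$(basename "$d")
        case "$iface" in all|default) continue ;; esac
        [ -r "${d}rp_filter" ] || continue
        if_rp=$(cat "${d}rp_filter")
        if_lm=$(cat "${d}log_martians" 2>/dev/null || echo 0)
        # Effective filter mode is the larger of the two values.
        if [ "$if_rp" -gt "$all_rp" ]; then eff=$if_rp; else eff=$all_rp; fi
        # Martians are logged if either switch is on.
        if [ "$all_lm" != 0 ] || [ "$if_lm" != 0 ]; then log=yes; else log=no; fi
        echo "$iface rp_filter=$eff($(rp_mode_name "$eff")) log_martians=$log"
    done
}

# Constructed sample tree mirroring the settings posted in the thread
# (all=0, eth1=1); the other values are made up for illustration.
make_sample_conf() {
    dir=$(mktemp -d) || return 1
    for i in all default eth0 eth1 eth2; do
        mkdir -p "$dir/$i"
        echo 0 > "$dir/$i/rp_filter"
        echo 0 > "$dir/$i/log_martians"
    done
    echo 1 > "$dir/eth1/rp_filter"
    echo 1 > "$dir/all/log_martians"
    echo "$dir"
}
```

On a live system, calling rp_filter_report with no argument reads /proc/sys/net/ipv4/conf directly.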
