|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: linux userland ip spoofing vulnerability
Alan Cox (alan
LXORGUK.UKUU.ORG.UK)
Wed, 27 Oct 1999 15:42:05 +0100
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Thomas Dullien: "Re: Accessing IE/Netscape incomming data"
- Previous message: 3APA3A: "FreeBSD listen()"
- Next in thread: dave: "Re: linux userland ip spoofing vulnerability"
- Reply: dave: "Re: linux userland ip spoofing vulnerability"
> This works on systems with poor/no firewall setup, pppd + shell users. It
> can forge a source address (on your local ethernet sent over ppp
> interface).
>
> This bug is caused by bind() in the kernel allowing you to send off
> another interface.
No its not a bug. Its standard correct TCP/IP behaviour. The user can only
send frames from any IP address the administrator configured. It is quite
valid and indeed quite often sensible to do this. Think about secure web
servers on virtual interfaces - they need to talk from the virtual interface.
It is (as you observed) a matter of firewalling if you dont wish to do this
- Next message: Thomas Dullien: "Re: Accessing IE/Netscape incomming data"
- Previous message: 3APA3A: "FreeBSD listen()"
- Next in thread: dave: "Re: linux userland ip spoofing vulnerability"
- Reply: dave: "Re: linux userland ip spoofing vulnerability"
This archive was generated by hypermail 2.0b3 on Thu Oct 28 1999 - 14:11:26 CDT