
Re: OSDL Bugzilla #2399: A user can remotely route a packet through eth0

To: dlstevens@xxxxxxxxxx, niv@xxxxxxxxxx
Subject: Re: OSDL Bugzilla #2399: A user can remotely route a packet through eth0 on a Li
From: "J. M." <snortwiz@xxxxxxxxxxx>
Date: Thu, 13 May 2004 12:18:25 -0500
Cc: netdev@xxxxxxxxxxx
Sender: netdev-bounce@xxxxxxxxxxx

It seems that design is flawed from a security perspective. Granted, dual-homed machines are not the ideal model for security, but I still shouldn't be able to access an interface on a different network just because it's connected to the same physical box as an interface I can reach.

-Jared


From: David Stevens <dlstevens@xxxxxxxxxx>
To: niv@xxxxxxxxxx
CC: netdev@xxxxxxxxxxx, snortwiz@xxxxxxxxxxx
Subject: Re: OSDL Bugzilla #2399: A user can remotely route a packet through eth0 on a Linux machine
Date: Tue, 11 May 2004 12:53:46 -0600

Routing is something done between different hosts. Hosts normally
will accept packets for any local address, regardless of
which interface they were received on.

That's not a bug; that's how almost everything works.

                                +-DLS
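
The behaviour discussed in this thread is what RFC 1122 calls the weak end-system model. As an added example (not code from either message or from the kernel), the Python sketch below models the local-delivery decision under the weak and strong models for a dual-homed host, lists the address/interface pairs the two models disagree on, and prints iptables INPUT rules that would close them. The interface names and addresses are constructed, and only unicast IPv4 is modelled.

```python
from ipaddress import ip_address

# Constructed sample: a dual-homed host (names and addresses are made up).
IFACES = {
    "eth0": ["192.0.2.10"],   # network A
    "eth1": ["10.0.0.10"],    # network B
}

def accepts(ifaces, in_iface, dst, model="weak"):
    """True if a unicast packet to dst arriving on in_iface is delivered locally."""
    dst = ip_address(dst)
    if model == "weak":
        # Weak model: any address configured on the host matches on any interface.
        return any(dst == ip_address(a) for addrs in ifaces.values() for a in addrs)
    if model == "strong":
        # Strong model: dst must be configured on the receiving interface itself.
        return any(dst == ip_address(a) for a in ifaces.get(in_iface, []))
    raise ValueError(f"unknown model: {model}")

def cross_interface_exposure(ifaces):
    """(in_iface, addr) pairs accepted under the weak model but not the strong one."""
    pairs = []
    for in_iface in sorted(ifaces):
        for owner in sorted(ifaces):
            if owner == in_iface:
                continue
            for addr in ifaces[owner]:
                # An address configured on both interfaces is not an exposure.
                if accepts(ifaces, in_iface, addr, "weak") and \
                   not accepts(ifaces, in_iface, addr, "strong"):
                    pairs.append((in_iface, addr))
    return pairs

def drop_rules(ifaces):
    """iptables INPUT rules that make the host filter like the strong model."""
    return [f"iptables -A INPUT -i {iface} -d {addr} -j DROP"
            for iface, addr in cross_interface_exposure(ifaces)]

if __name__ == "__main__":
    for in_iface, addr in cross_interface_exposure(IFACES):
        print(f"{addr} is accepted when received on {in_iface} (weak model)")
    for rule in drop_rules(IFACES):
        print(rule)
```
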

