Firewalls: Re: Firewalls-Digest V4 #494

Firewalls
(August 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Firewalls-Digest V4 #494
From:	smb @ research . att . com
Date:	Mon, 21 Aug 95 20:30:24 EDT
To:	Neil Todd <toddn @ gb . swissbank . com>
Cc:	firewalls-digest @ GreatCircle . COM

	 On a number of occassions we have wished to support a service
	 listener on only one particular network interface, and to have
	 nothing on all the other interfaces.

Remember that even if a service is listening on only one address,
packets addressed to it can still arrive on other interfaces.  To
be sure, an enemy will need to know what that other address is,
and may have trouble routing to it -- but the former isn't always
hard to learn, and source routing can do the latter.

Indexed By Date	Previous:	Re: OS/2 and firewalls? From: "Paul L. Rogers" <rogerspl @ os-ppp6 . datasync . com>
Indexed By Date	Next:	Is there another alternative to sendmail/smail? upas? From: smb @ research . att . com
Indexed By Thread	Previous:	Firewall Testing Volunteers? From: Christopher Klaus <cklaus @ iss . net>
Indexed By Thread	Next:	Re: Firewalls-Digest V4 #494 From: Neil Todd <toddn @ gb . swissbank . com>