> Linux IS vulnerable to it. It will accept packets from outside on an
> interface if the packet matches any of the system's addresses. Outgoing
> packets however are only recognized as local ones, if there is a route that
> points to the interface. (Otherwise the packet will be sent and the arp code
> recognizes it and prints a: 'arp called for my own ip address'.)

Let's say that we've two interfaces, 130.x.x.x and 192.x.x.x on a
linux firewall, someone sends a packet addressed to interface 192 and the
machine accepts it then it should reply on network 192 not 130? Am I
right? If so, isn't it correct that the "tester/attacker" can't get
access to any services running on Interface 192? Only a Denial of service
attack comes to my mind.
Just a thought...
Best regards,
Gunni
=========================================================================
Gunnar Ingvi Þórisson E-Mail address: gunni @ if . is
Kerfisstjóri og forritari, system administrator and programmer
Íslensk forritaþróun hf. (Iceland Software Inc.)
Suðurlandsbraut 4, IS-108 Reykjavík, Ísland
Sími: (+354) 588-1511 Fax: (+354) 588-8728
=========================================================================
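
The accept-then-reply behaviour discussed in this thread, modelled as an added example (not part of the original post and not kernel code). The interface names, the documentation-range addresses standing in for the elided 130.x.x.x and 192.x.x.x interfaces, and the default route pointing outside are all assumptions.

```python
import ipaddress

# Constructed two-interface firewall; documentation-range addresses stand in
# for the post's elided 130.x.x.x (outside) and 192.x.x.x (inside) interfaces.
INTERFACES = {
    "eth0": ipaddress.ip_interface("198.51.100.1/24"),  # outside
    "eth1": ipaddress.ip_interface("192.0.2.1/24"),     # inside
}
DEFAULT_ROUTE_IF = "eth0"  # assumption: default route points outside


def accepts(in_if, dst, strong_host=False):
    """Local-delivery decision for a packet arriving on in_if addressed to dst."""
    dst = ipaddress.ip_address(dst)
    if strong_host:
        # Strong host model: dst must be the address of the receiving interface.
        return INTERFACES[in_if].ip == dst
    # Weak host model (the behaviour the quoted text describes for Linux):
    # dst may be any address configured on the system.
    return any(i.ip == dst for i in INTERFACES.values())


def route_out(dst):
    """Pick the outgoing interface by destination: connected net, else default."""
    dst = ipaddress.ip_address(dst)
    for name, iface in INTERFACES.items():
        if dst in iface.network:
            return name
    return DEFAULT_ROUTE_IF


def handle(in_if, src, dst, strong_host=False):
    """Return (accepted, reply_if, reply_src) for one inbound packet."""
    if not accepts(in_if, dst, strong_host):
        return (False, None, None)
    # The reply is addressed to the sender, so routing follows src, while the
    # reply's source address is the address the sender originally targeted.
    return (True, route_out(src), dst)


if __name__ == "__main__":
    # Constructed packet: outside host targets the inside address via eth0.
    print(handle("eth0", "203.0.113.7", "192.0.2.1"))
    print(handle("eth0", "203.0.113.7", "192.0.2.1", strong_host=True))
```

In this model the outgoing interface of a reply is chosen by the route to the sender, and the strong-host check is the point at which a packet for the inside address arriving on the outside interface is dropped.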