In some mail from Alan Cox, sie said:
> > It is becoming an interesting tossup, between the above, but if you're
> > serious, go with Solaris 2.5 - even if you have the Linux source code,
> > you don't want to look at that `mess'.
> I see Mr Darren Reed has yet to become a serious and realistic member of
> the technical community. In case Mr Reed isn't aware of it, randomly branding
> other people's code "A mess" isn't a serious technical critique.

No, I was just addressing "you have the source code" point.

If someone can get onto your firewall, then generally, the game is over,
unless you're well enough set up such that this isn't a risk - that takes
a bit more work and because you're running Linux doesn't make that task

I don't see what point data leakage in mbufs and Ethernet frames makes.
That "other" data isn't going to be interpreted by anything, so you may
as well be tunnelling data some easier way. Not to mention that if
someone can exploit this problem, you've got far bigger problems that
a firewall isn't going to solve (you're talking physical access to wires
here somewhere). If you have a sample program I can run which proves me
wrong (yup, when I'm feeling ill, I run Linux at home ;-P), I'd enjoy the
chance to see this get exploited. That method was brought up at SANS, but
the descriptions I've heard are somewhat confusing and I've yet to see a
full paper published on it.