Re: traceroute as a flooder

From: Curt Sampson (cjsat_private)
Date: Thu Feb 18 1999 - 15:09:15 PST

Next message: Jim Wamsley 303-673-8163: "Re: EMAILed Trojan"

Previous message: Mariusz Marcinkiewicz: "Re: [HERT] Advisory #002 Buffer overflow in lsof"
Maybe in reply to: Alfonso De Gregorio: "traceroute as a flooder"
Next in thread: Stefan `Sec` Zehl: "Re: traceroute as a flooder"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 18 Feb 1999, Stefan `Sec` Zehl wrote:

> While I agree with most other changes, I do not see why zou should
> forbid loopback if's for the source address.

Right. Another fellow mentioned this to me, too. It appears that
it would be better to allow addresses on the loopback interface,
but forbid 127.0.0.1. This is a bunch more code to add, though,
and I've not really thought out the implications of it. (For example,
could you use this to send stuff out to a network from an address
that's invalid for that particular network, such as 10.0.0.1 out
to an Internet link?)

I'd welcome a full analysis of this and further patches. I haven't
time to do this work myself, however.

cjs
--
Curt Sampson  <cjsat_private>   604 801 5335   De gustibus, aut bene aut nihil.
The most widely ported operating system in the world: http://www.netbsd.org

Next message: Jim Wamsley 303-673-8163: "Re: EMAILed Trojan"
Previous message: Mariusz Marcinkiewicz: "Re: [HERT] Advisory #002 Buffer overflow in lsof"
Maybe in reply to: Alfonso De Gregorio: "traceroute as a flooder"
Next in thread: Stefan `Sec` Zehl: "Re: traceroute as a flooder"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:35:38 PDT