[19494] in bugtraq

Re: Loopback and multi-homed routing flaw in TCP/IP stack.

daemon@ATHENA.MIT.EDU (Perry Harrington)
Tue Mar 6 00:19:25 2001

Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
              protocol="application/pgp-signature"; boundary="hoZxPH4CaxYzWscb"
Content-Disposition: inline
Message-ID:  <20010305184305.C29340@webcom.com>
Date:         Mon, 5 Mar 2001 18:43:05 -0800
Reply-To: Perry Harrington <pedward@WEBCOM.COM>
From: Perry Harrington <pedward@WEBCOM.COM>
X-To:         ddowney@mail.hislinuxbox.net
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <Pine.LNX.4.21.0103051816170.6928-100000@mail.hislinuxbox.net>;
              from ddowney@mail.hislinuxbox.net on Mon, Mar 05,
              2001 at 06:18:33PM -0800

--hoZxPH4CaxYzWscb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

I don't think the behavior should change because of DSR.  DSR is more useful
than 'rightness' in my opinion.  A switch to turn it off if you don't want it is
something I'd advocate, but the default should be 'on'.

--Perry

On Mon, Mar 05, 2001 at 06:18:33PM -0800, ddowney@mail.hislinuxbox.net wrote:
> On Mon, 5 Mar 2001, Perry Harrington wrote:
>
> > In short, yes security through obscurity is dumb, but calling for people to change
> > this functionality is unwarranted when machines can be firewalled.
> >
>
>
> Actually to me this sounds more like an excuse NOT to fix the problem
> simply because it's "industry standard".
>
> Sometimes standards need to be looked at and revamped. In this case it's
> one that would affect the industry as a whole. Are you calling for
> advisories only simply because the workload would be tremendous or because
> you truly believe that fixing this would affect nothing?
>
>
> ---
> David D.W. Downey - RHCE
> Consulting Engineer
> Ensim Corporation
> david.downey@ensim.com
>
>

--
Perry Harrington                 Director of                   zelur xuniL  ()
perry at webcom dot com      System Architecture               Think Blue.  /\

--hoZxPH4CaxYzWscb
Content-Type: application/pgp-signature
Content-Disposition: inline


--hoZxPH4CaxYzWscb--
