[4255] in bugtraq
[LINUX] IP_MASQ / Ethernet Passing Traffic After Halt
daemon@ATHENA.MIT.EDU (Sean B. Hamor)
Sat Apr 12 04:22:15 1997
Date: Fri, 11 Apr 1997 23:54:14 -0400
Reply-To: "Sean B. Hamor" <hamors@LITTERBOX.ORG>
From: "Sean B. Hamor" <hamors@LITTERBOX.ORG>
To: BUGTRAQ@NETSPACE.ORG
-----BEGIN PGP SIGNED MESSAGE-----
Friday, April 11, 1997
The Litterbox
Sean B. Hamor <hamors@litterbox.org>
LINUX IP MASQUERADE

Synopsis:

A problem exists in IP Masquerade under Linux which allows traffic to be
passed to external networks even after the gateway host has been halted.
As long as a connection has been established from an internal machine via
the IP Masquerade gateway to an external host and the Ethernet interfaces
inside the machine are still being supplied power, that connection will
stay online in a fully interactive state.

Even worse, that connection will stay online even if the IP Masquerade
gateway machine is rebooted. During a soft reboot, the connection will
stay online in a fully interactive state. During a cold reboot, the
connection will lose interactivity until the IP Masquerade gateway machine
comes back online. After that, the connection will regain interactivity.

Impact:

During an incoming or outgoing attack, systems administrators may use the
"kill switch" tactic to stop the attack and shut down the gateway machine
involved in the attack. This creates a false sense of security, with the
systems administrator thinking that the attack has been successfully
stopped. In reality, the connection in question is totally unaffected by
the system shutdown.
EOF
/\_/\ http://www.litterbox.org/~hamors/pgp.txt To err is human.
( o.o ) for PGP public key block To purr feline.
> ^ < Sean B. Hamor <hamors@litterbox.org> - Robert Byrne
The Litterbox: http://www.litterbox.org/ Homeless and Abused Pet Rescue
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
-----END PGP SIGNATURE-----