[4264] in bugtraq
Re: [LINUX] IP_MASQ / Ethernet Passing Traffic After Halt
daemon@ATHENA.MIT.EDU (Alan Cox)
Sun Apr 13 14:31:57 1997
Date: Sun, 13 Apr 1997 14:34:57 +0100
Reply-To: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
X-To: miquels@CISTRON.NL
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <5inmon$hl8$1@holodeck.cistron.nl> from "Miquel van Smoorenburg"
at Apr 12, 97 12:04:51 pm
> the IP Masquerade gateway to an external host and the Ethernet interfaces
> inside the machine are still being supplied power, that connection will
> stay online in a fully interactive state.
Actually this is a feature. You can reboot a machine and not lose most
masqueraded connections. The Linux halt halts userspace. If you want to
down the network interfaces stick it in the rc files.
I'd suggest people under attack pull out cables anyway - you don't know
what your compromised machine is also doing or if "halt" is now a member of
rootkit.
Alan
