[9671] in bugtraq
Re: traceroute as a flooder
daemon@ATHENA.MIT.EDU (Stefan `Sec` Zehl)
Fri Feb 19 19:12:04 1999
Date: Thu, 18 Feb 1999 23:18:01 +0100
Reply-To: "Stefan `Sec` Zehl" <sec@42.ORG>
From: "Stefan `Sec` Zehl" <sec@42.ORG>
X-To: Curt Sampson <cjs@CYNIC.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.NEB.4.02.9902161519120.1500-100000@epistolic.cynic.net>;
from Curt Sampson on Tue, Feb 16, 1999 at 03:30:13PM -0800
On Tue, Feb 16, 1999 at 03:30:13PM -0800, Curt Sampson wrote:
> [ traceroute patch ]
> 1. If uid != 0 (you're not superuser), it checks to see that
> the source address it's going to use is an address from a local
> interface that's up and not marked loopback.
While I agree with most other changes, I do not see why you should
forbid loopback if's for the source address. I know several boxes which
are multi-homed, and use loopback interfaces to respond to these ip's
like this:
[snip from my /etc/rc.local]
myarp="05:ec:12:de:c0:de"
if_no=0
echo -n 'configuring loopbacks:'
for ip in 10.10.10.1 10.10.10.10 10.10.10.23 10.10.10.42; do
    if_no=`expr $if_no + 1`
    ifconfig lo$if_no $ip netmask 0xffffffff
    arp -s $ip $myarp pub
    echo -n " $ip"
done
echo '.'
As I see it, I would not be able to use these IP's for traceroutes
anymore, which is IMHO a bad thing.
CU,
Sec
--
I even go one step further: I now use "security" in connection with:
hotplates, toasters and chainsaws. 8) -- <schwarzi@stud.fh-luebeck.de>