Date: Sat, 15 Apr 2000 20:40:33 -0500 (CDT)
From: Zachary Drew
To: freebsd-questions@freebsd.org
Subject: natd being used as a gateway...security risk?

I'm using a natd box (FreeBSD) to share one IP address among several machines. The natd box is multihomed with 2 NICs (one private, one public). The public network is considered hostile (it's on a university network).

I wondered if I could use my machine as a gateway from another machine on the university's network (making that other machine appear to be my machine) and it turns out I can. The other host I tried this from is on the same subnet as I. I could log in to a machine and check where I logged in from... it would appear that I logged in from the natd host.

So is running natd like this a security risk? People can simply change their IP address and make an attack appear to be coming from my IP address? Could people outside my subnet use my machine as a gateway? How should I go about fixing this? Should the natd man pages warn of this?

Thanks
Zach
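
The behaviour described in the message above, modelled as an added example that is not part of the original post: a gateway that forwards and source-rewrites every transit packet, compared with one that only relays packets received on the private interface from the private subnet. The interface names, addresses and the `restrict_ingress` switch are assumptions made for illustration; the model covers only transit packets, not traffic addressed to the gateway itself.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed values for illustration; none come from the original message.
PUBLIC_IF, PRIVATE_IF = "pub0", "priv0"
GATEWAY_PUBLIC_IP = "198.51.100.10"
PRIVATE_NET = ipaddress.ip_network("192.168.1.0/24")


@dataclass(frozen=True)
class Packet:
    src: str    # source address as written in the IP header
    dst: str    # destination address (not the gateway itself: transit traffic)
    in_if: str  # interface the gateway received the packet on


def source_seen_by_destination(pkt: Packet, restrict_ingress: bool) -> Optional[str]:
    """Model a forwarding NAT gateway handling one transit packet.

    Returns the source address the destination observes, or None if the
    gateway drops the packet. restrict_ingress is a hypothetical switch
    standing in for a packet-filter policy in front of the NAT step.
    """
    if restrict_ingress:
        from_inside = (
            pkt.in_if == PRIVATE_IF
            and ipaddress.ip_address(pkt.src) in PRIVATE_NET
        )
        if not from_inside:
            return None  # transit traffic from the public side is not relayed
    # Forwarded out the public interface: the source is rewritten to the
    # gateway's public address, so the destination sees only the gateway.
    return GATEWAY_PUBLIC_IP


# Constructed sample packets.
INSIDE_CLIENT = Packet("192.168.1.20", "203.0.113.5", PRIVATE_IF)
SAME_SUBNET_OUTSIDER = Packet("198.51.100.77", "203.0.113.5", PUBLIC_IF)
SPOOFED_PRIVATE_SRC = Packet("192.168.1.20", "203.0.113.5", PUBLIC_IF)

if __name__ == "__main__":
    for name, pkt in [("inside client", INSIDE_CLIENT),
                      ("same-subnet outsider", SAME_SUBNET_OUTSIDER),
                      ("spoofed private source", SPOOFED_PRIVATE_SRC)]:
        for restrict in (False, True):
            seen = source_seen_by_destination(pkt, restrict)
            print(f"{name:24} restrict={restrict!s:5} -> {seen or 'dropped'}")
```

Checking the receiving interface as well as the source address matters: the third sample packet claims a private source but arrives on the public side, so an address-only check would still relay it.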