Date:      Thu, 6 Nov 1997 09:30:38 -0800 (PST)
From:      Dru Nelson <dnelson@slip.net>
To:        Archie Cobbs <archie@whistle.com>
Cc:        brandon@roguetrader.com, freebsd-isp@freebsd.org
Subject:   Re: Security problem/oversight with user PPP!
Message-ID:  <Pine.GSO.3.96.971106092836.11993A-100000@slip-3>
In-Reply-To: <199711060110.RAA18423@bubba.whistle.com>

> >  I agree, it shouldn't be on by default. It is good, though, when
> >  you want to work on the PPP client on the far end when getting
> >  things working.
> 
> Doesn't completely fill the hole... :-)
> 
> I can still take a UNIX machine on the same network as yours,
> disable my loopback interface, and set a route to 127.0.0.1
> via your machine, and then telnet to it.
> 
 
  Hi, where was I 'fill the hole'. If it is off, you can't telnet to 3000?

  Are you saying that FreeBSD has a security hole where it allows
  IP with a source of 127.0.0.1?  When it replies for that SYN for
  telnet, why would it go back to your machine?

Dru





