Date: Fri, 26 Jun 1998 13:13:39 -0400 (EDT) From: andrewr <andrewr@slack.net> To: Pierre Beyssac <Pierre.Beyssac@hsc.fr> Cc: Bill Fenner <fenner@parc.xerox.com>, Nate Lawson <nate@almond.elite.net>, nate@elite.net, julian@whistle.com, freebsd-bugs@FreeBSD.ORG, freebsd-net@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: Apparent bug in sendto() with raw sockets Message-ID: <Pine.NEB.3.96.980626131259.3414A-100000@brooklyn.slack.net> In-Reply-To: <19980626172748.A18953@mars.hsc.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
I too have spoofed packets under FreeBSD, I am just noting somethings that
might want to be changed.
*****************************************
AWR XNS, Inc.
<andrewr@slack.net>
"Drink beer, it will save your life."
On Fri, 26 Jun 1998, Pierre Beyssac wrote:
> On Fri, Jun 26, 1998 at 09:38:33AM -0400, andrewr wrote:
> > Speaking of IP_HDRINCL, after reading raw_ip.c and noticing the protection
> > against spoofing (can't use IP_HDRINCL in certain situations), I started
> > thinking about actually comparing the user dsupplied ip->ip_src with the
>
> Are you sure you're talking about FreeBSD here ? SunOS 4 has such
> a protection (it checks that the source address belongs to one of
> the interfaces, or so it seems) but I've successfully spoofed
> packets on FreeBSD without any problem using IP_HDRINCL.
>
> Anyway, such a protection can easily bypassed by sending raw
> link-level packets through bpf (or probably /dev/nit in the case
> of SunOS, although I've never tried this).
> --
> Pierre.Beyssac@hsc.fr
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96.980626131259.3414A-100000>