From owner-freebsd-security  Sat Apr  3 19:51:10 1999
Delivered-To: freebsd-security@freebsd.org
Received: from federation.addy.com (federation.addy.com [207.239.68.2])
	by hub.freebsd.org (Postfix) with ESMTP id BF6F314F01
	for <freebsd-security@FreeBSD.ORG>; Sat,  3 Apr 1999 19:51:00 -0800 (PST)
	(envelope-from jim@federation.addy.com)
Received: from localhost (jim@localhost) by federation.addy.com (8.8.5/8.6.12) with SMTP id WAA25211 for <freebsd-security@FreeBSD.ORG>; Sat, 3 Apr 1999 22:49:04 -0500 (EST)
Date: Sat, 3 Apr 1999 22:49:03 -0500 (EST)
From: Jim Sander <jim@federation.addy.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Someone trying to route to my machine?
In-Reply-To: <XFMail.990403122507.nicole@nmhtech.com>
Message-ID: <Pine.BSF.3.95q.990403224032.24296A-100000@federation.addy.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>  Even so, if someone detected I was running routed, could they use that to try
> to route to a machine for some nefarius reason?

   Yes. In theory, routed can be used to enable someone to "remotely
sniff" your machine, provided they are clever and you are not. Also, if
someone adds enough routes, you overflow some allocated space, and on
many/most systems you lose network capability if not crash. (DoS attack)
Old SunOS systems would crash in the *coolest* ways when you added a
couple thousand routes...

-=Jim=- Addy & Associates




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message