Date: Wed, 08 Feb 2012 14:05:38 -0800 From: Chuck Swiger <cswiger@mac.com> To: =?utf-8?B?0JrQvtC90YzQutC+0LIg0JXQstCz0LXQvdC40Lk=?= <kes-kes@yandex.ru> Cc: freebsd-net@freebsd.org Subject: Re: security issue!! Message-ID: <2BF9EFDB-C52E-4842-9754-66357AD3EBA5@mac.com> In-Reply-To: <15210117711.20120208235307@yandex.ru> References: <15210117711.20120208235307@yandex.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Feb 8, 2012, at 1:53 PM, Коньков Евгений wrote: > some host on LAN can send packets to MAC address of FreeBSD server > > and server accept packets even if frame is not in its subnet and pass them further %-) > > details here > http://www.freebsd.org/cgi/query-pr.cgi?pr=164914 Um, what were you expecting to have happen? It's not that unusual for someone to setup a bridge or VPN/proxy-arp configuration where an interface doesn't have an IP, but still receives and forwards (or otherwise processes) the traffic which it sees, because the traffic is addressed to the MAC address of that interface.... Regards, -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2BF9EFDB-C52E-4842-9754-66357AD3EBA5>