From owner-freebsd-security Wed Sep 5 14:37: 1 2001 Delivered-To: freebsd-security@freebsd.org Received: from ike-ext.ab.videon.ca (ike-ext.ab.videon.ca [206.75.216.35]) by hub.freebsd.org (Postfix) with SMTP id 7441A37B407 for ; Wed, 5 Sep 2001 14:36:52 -0700 (PDT) Received: (qmail 24652 invoked from network); 5 Sep 2001 21:36:51 -0000 Received: from unknown (HELO videdmexg1.ab.videon.ca) ([24.108.62.15]) (envelope-sender ) by ike-ext.ab.videon.ca (qmail-ldap-1.03) with SMTP for ; 5 Sep 2001 21:36:51 -0000 Received: by videdmexg1.ab.videon.ca with Internet Mail Service (5.5.2653.19) id ; Wed, 5 Sep 2001 15:41:02 -0600 Message-ID: From: Laurence Brockman To: security@freebsd.org Subject: RE: Possible New Security Tool For FreeBSD, Need Your Help. Date: Wed, 5 Sep 2001 15:41:02 -0600 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > -----Original Message----- > From: Chris BeHanna [mailto:behanna@zbzoom.net] > Sent: Friday, August 31, 2001 10:08 PM > To: security@freebsd.org > Subject: Re: Possible New Security Tool For FreeBSD, Need Your Help. > > If your machine is attached to a cable modem, then there are 253 > other hosts in your neighborhood who can very easily sniff > your traffic. This is wrong in all but the worst Cable Modem Provider cases. Most modems communicate directly with the cable routers and do not broadcast ANY traffic but the broadcast traffic (ARP's, etc). You could sniff the RF on all of the modems on your node, but this should all be encrypted anyways (At least the Cable provider I work for does this, as well as most others that I know of). So, if your Cable provider is not filtering traffic, etc then I'd have a talk with them. It's very easy now days to implement filters on the cable modem (Including the dropping of spoofed packets to prevent things like SMURFs, etc). > > If you're trying to open ports remotely, then your key traffic is > going over the internet. Do a traceroute between the host you're > using and the host you're trying to manage, and ponder someone > sniffing along any of those hops. > > Although this is unlikely for the casual user, it becomes more > likely if the remote host is a corporate-owned machine in a highly > competitive area of industry. > > -- > Chris BeHanna > Software Engineer (Remove "bogus" before > responding.) > behanna@bogus.zbzoom.net > I was raised by a pack of wild corn dogs. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message