Date: Mon, 06 Dec 1999 10:57:36 -0500 From: Gerald Abshez <gerald@manhattanprojects.com> To: Kris Kennaway <kris@hub.freebsd.org> Cc: audit@FreeBSD.ORG Subject: Re: arp.c patch Message-ID: <384BDCF0.7CA47AA8@manhattanprojects.com> References: <Pine.BSF.4.21.9912042308350.34489-100000@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kennaway wrote: > > This one isn't likely exploitable, but it's still a small buffer overflow. > arp looks okay apart from this. Hmmm. A while back, a friend and I were discussing Firewalling and arp. It seems that arp accepted packets from anywhere. This was a problem, as my friend had a firewall, and someone had (improperly) hooked up a machine with an IP on the public side of the internet that corresponded with a machine on the private net. The firewall would simply move the address back and forth between the various interfaces. The traffic wouldn't go out, since it was blocked by the firewall, but I did think that this was an issue. (It's a DOS attack) I'm not sure that this has been addressed, and I thought I'd mention it since your patch reminded me of it. Gerald. -- This is your FreeBSD -- Where do YOU want to go tommorow? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?384BDCF0.7CA47AA8>