Date: Wed, 31 Jan 2001 12:05:41 -0600 (CST) From: Nate Dannenberg <natedac@kscable.com> To: freebsd-security@freebsd.org Subject: NATD insecure / DoS? Message-ID: <Pine.BSF.4.21.0101311157460.798-100000@flute.daconcepts.dyndns.org>
next in thread | raw e-mail | index | archive | help
Something I ran into today, which I think warrants a little checking into. I have NATD set up and running a simple divert mechanism (with the kernel's help of course) for another computer on this machine's RS232 port. That other computer isn't what this message is about, however. The IP address of this machine (which runs 4.2-Release), which is normally more or less static, changed yesterday. When that happened, I ended up without any Internet connectivity, and I think it was NATD's fault: ifconfig -a showed that I had an IP address (the new one), and dhclient was able to get the information it needs from the DHCP server without problems, but all other attempts to go out on the network failed (telnet, ping, www, napster, etc), and netstat -r refused to come up with any routing information. My only solution (before I realized the possible problem) was to shut down and reboot the computer. On checking /var/log/messages, I saw a few of the usual DHCP requests, all of which looked normal, except for one in which my IP address had changed. It was at that point that I lost connectivity. Does anyone else have this problem with NATD? Is there a solution? -- ___________________________________ _____ _____ | _///@@@| | | natedac@kscable.com /'//ZZ@@|____ | | |'''/ |'/@7 | | http://home.kscable.com/natedac |`'| `~~' | | | `| .--. | | C64/C128 - What's *YOUR* hobby? | `\____|___\ | | \_ | | |___________________________________ \_____| _____| To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0101311157460.798-100000>