Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 7 Apr 2001 15:48:53 -0700
From:      "John Howie" <JHowie@msn.com>
To:        "Jacques A. Vidrine" <n@nectar.com>
Cc:        "Crist Clark" <crist.clark@globalstar.com>, <lee@kechara.net>, <freebsd-security@FreeBSD.ORG>
Subject:   Re: Theory Question
Message-ID:  <05aa01c0bfb4$ec3a0de0$0101a8c0@development.local>
References:  <200104071610.RAA18117@mailgate.kechara.net> <3ACF83FA.55761A7B@globalstar.com> <20010407162552.D87286@hamlet.nectar.com> <058701c0bfad$265e8530$0101a8c0@development.local> <20010407173910.B69155@spawn.nectar.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

----- Original Message -----
From: "Jacques A. Vidrine" <n@nectar.com>
To: "John Howie" <JHowie@msn.com>
Cc: "Crist Clark" <crist.clark@globalstar.com>; <lee@kechara.net>;
<freebsd-security@FreeBSD.ORG>
Sent: Saturday, April 07, 2001 3:39 PM
Subject: Re: Theory Question


> On Sat, Apr 07, 2001 at 02:53:11PM -0700, John Howie wrote:
> > In practice a machine with no IP address that just receives packets is
not
> > likely to be vulnerable. Crist's scenario is not a probable one (as he,
> > himself, acknowledges).
>
> Such exploits  have been  seen in  the past,  e.g. the  tcpdump buffer
> overrun.   I  guess the  assumption  is  that  your opponent  is  more
> sophisticated  than  a script  kiddie,  and  wants something  in  your
> network.
>

Agreed! And the hacker would also need to have intimate knowledge of your
network configuration to be able to supply the correct parameters to
ifconfig in the scenario that Crist outlined. One item that was missing from
the original design was an exterior DMZ firewall (or perhaps I just missed
that component) running NAT. Key to securing the infrastructure is making it
as difficult as possible for a hacker to determine DMZ and production
network topologies and machine addresses.

Regards,

john...




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?05aa01c0bfb4$ec3a0de0$0101a8c0>