Date: Tue, 01 Jul 1997 22:56:41 +0100 From: Brian Somers <brian@awfulhak.org> To: Sergey Pukach <pss@gloom.te.net.ua> Cc: freebsd-questions@FreeBSD.ORG, kvn@gloom.te.net.ua, vlad@nobulus.tn.odessa.ua Subject: Re: Security hole ? Message-ID: <199707012156.WAA26635@awfulhak.demon.co.uk> In-Reply-To: Your message of "Tue, 01 Jul 1997 22:13:58 %2B0300." <199707011913.WAA00442@gloom.te.net.ua>
index | next in thread | previous in thread | raw e-mail
> Hi.
>
> I have two ISP, one of which running FreeBSD and assign static IP
> to all users. For connection I'm using ppp by Toshiharu OHNO.
> Playing wiht /etc/ppp/ppp.conf I'm found amazing (for me) feature.
> This is string from ppp.conf:
>
> add ifaddr a.b.c.d 0
>
> So, remote server can use any IP and my IP should be a.b.c.d
> If instesd of a.b.c.d I substitute real IP of one of my ISP server
> I can declare myself as another machine. During such connection
> I have received a lot of mail which is not intended to be mine.
> I think skilful hacker can use this in another way. So, how
> ISP can avoid such unproper connections?
Your ISP should specify
set ifaddr x.x.x.x a.b.c.d
thus disallowing you from being anything but a.b.c.d.
> pss
>
> // Sergey Pukach
> // pss@te.net.ua
--
Brian <brian@awfulhak.org>, <brian@freebsd.org>
<http://www.awfulhak.org>;
Don't _EVER_ lose your sense of humour....
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199707012156.WAA26635>