From owner-freebsd-security Mon Aug 17 15:16:39 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA04681 for freebsd-security-outgoing; Mon, 17 Aug 1998 15:16:39 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from dumont.neoplanos.com.br (dumont.neoplanos.com.br [200.249.209.3]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA04547 for ; Mon, 17 Aug 1998 15:16:11 -0700 (PDT) (envelope-from john@dumont.neoplanos.com.br) Received: from localhost (john@localhost) by dumont.neoplanos.com.br (8.8.8/8.8.5) with SMTP id TAA12184; Mon, 17 Aug 1998 19:27:28 -0300 (EST) Date: Mon, 17 Aug 1998 19:27:28 -0300 (EST) From: Joao Paulo Caldas Campello To: Jay Tribick cc: "Jasper O'Malley" , security@FreeBSD.ORG Subject: Re: hosts.deny/allow & ICMP Attacks In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 17 Aug 1998, Jay Tribick wrote: Hi, > There's always IP spoofing (although you'd have to do it blind as the > packets wouldn't be able to get back to you) - plus, it's hard to > implement. Yeah... But working with tcp is nearly impossible to have a successful spoof... I cannot say impossible, for sure, `cause maybe there are some bugs in tcpd or any routing protocol (for instance, RIP) that I can use to obtain good spoof... If I do spoof with TCP just changing the frames in the packet I've to pretend I'm a 3rd host; which I have access to and is privileged in the victim system... If TCP wasn't a three-way connection type (as UDP that's one way) I would be able to do spoof faster!! Anyway, I'm just wanting to protect my own network from outsiders invasors, not planning to attack any box!! Thnx for all the help (all the people that answered me and I'm not replying... not to spam the list) Regards, J. Paulo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message