From owner-freebsd-hackers  Fri Jun 26 10:11:35 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id KAA12869
          for freebsd-hackers-outgoing; Fri, 26 Jun 1998 10:11:35 -0700 (PDT)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from brooklyn.slack.net (root@brooklyn.slack.net [206.41.21.102])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA12759;
          Fri, 26 Jun 1998 10:10:45 -0700 (PDT)
          (envelope-from andrewr@brooklyn.slack.net)
Received: from localhost (andrewr@localhost)
	by brooklyn.slack.net (8.8.7/8.8.7) with SMTP id NAA17555;
	Fri, 26 Jun 1998 13:13:39 -0400 (EDT)
Date: Fri, 26 Jun 1998 13:13:39 -0400 (EDT)
From: andrewr  <andrewr@slack.net>
To: Pierre Beyssac <Pierre.Beyssac@hsc.fr>
cc: Bill Fenner <fenner@parc.xerox.com>, Nate Lawson <nate@almond.elite.net>,
        nate@elite.net, julian@whistle.com, freebsd-bugs@FreeBSD.ORG,
        freebsd-net@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG
Subject: Re: Apparent bug in sendto() with raw sockets
In-Reply-To: <19980626172748.A18953@mars.hsc.fr>
Message-ID: <Pine.NEB.3.96.980626131259.3414A-100000@brooklyn.slack.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


I too have spoofed packets under FreeBSD, I am just noting somethings that
might want to be changed.

*****************************************
AWR 				XNS, Inc.
         <andrewr@slack.net>		
  "Drink beer, it will save your life."

On Fri, 26 Jun 1998, Pierre Beyssac wrote:

> On Fri, Jun 26, 1998 at 09:38:33AM -0400, andrewr wrote:
> > Speaking of IP_HDRINCL, after reading raw_ip.c and noticing the protection
> > against spoofing (can't use IP_HDRINCL in certain situations), I started
> > thinking about actually comparing the user dsupplied ip->ip_src with the
> 
> Are you sure you're talking about FreeBSD here ? SunOS 4 has such
> a protection (it checks that the source address belongs to one of
> the interfaces, or so it seems) but I've successfully spoofed
> packets on FreeBSD without any problem using IP_HDRINCL.
> 
> Anyway, such a protection can easily bypassed by sending raw
> link-level packets through bpf (or probably /dev/nit in the case
> of SunOS, although I've never tried this).
> -- 
> Pierre.Beyssac@hsc.fr
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message