Date: Sat, 14 Feb 2004 13:11:12 +0100 From: Clemens Fischer <ino-qc@spotteswoode.dnsalias.org> To: freebsd-ipfw@freebsd.org Subject: Re: Strange leakage of private source addresses w/ipfw and natd Message-ID: <oes1amix.fsf@ID-23066.news.dfncis.de> References: <3F833434.5090506@tenebras.com> <ekx0paff.fsf@ID-23066.news.dfncis.de> <020201c39c6e$5f0fea40$080ba8c0@admin>
next in thread | previous in thread | raw e-mail | index | archive | help
* 2003-10-27 freebsd@dwec.ru:
> Ok, maybe not THAT important but definitely a Bad Surprise. Here's
> the sample (and in current configuration only ICMP packets from time
> to time are being passed through unaltered):
>
> snort: [1:0:0] POSSIBLE address leakage - ICMP {ICMP} 192.168.5.2 ->
> 208.115.104.193
> [**] POSSIBLE address leakage - ICMP [**]
ICMP is connectionless, so anybody can ping/traceroute/whatever your
machine if you don't block those private IPs, and this is what people
usually do.
clemens
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?oes1amix.fsf>