Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Router filtering not enough! (Was: Re: CERT advisory )

From: pst () cisco com (Paul Traina)
Date: Tue, 31 Jan 1995 21:51:56 -0800

Well, my personal opinion is that it's a waste of time given that any
packet filtering forwarder fixes this problem trivially,  and randomizing
the ISS properly solves the actuall problem.

If someone wants to throw time and effort into doing it, I have no objection,
as long as they don't mess up the kernel.

  From: Aleph One <aleph1 () dfw net>
  Subject: Re: Router filtering not enough! (Was: Re: CERT advisory ) 
  
  
  On Thu, 26 Jan 1995, Paul Traina wrote:
  
  > > How hard would it be to modify tcpwraper (for example) to check the
  > > incomming MAC address on a connection and to be worried if it came from a
  > > list of routers but the address was the local net?
  > 
  > This breaks people who might have their netmasks set incorrectly on the loc

al

  > net.
  > 
  Is this bad? dont think so if it breaks it you will notice and be able to 
  fix it.
  
  a1
  http://underground.org
Previous By Date Next
Previous By Thread Next

Current thread: