|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
how about this for an idea. I'm not sure if
this makes sense, or if it would work at all:
suppose you have masquerading and forwarding enabled,
that is if you allow forwarding of 192.168.1.x
and masqueraded them to come from your public ip,
lets say 1.2.3.4.
somebody from outside could configure their box
as a 192.168.1.x, configure your 1.2.3.4 as its
gateway. if your'e NOT using ip tables to
filter out 192.168.1.x from the 1.2.3.4 address,
AND you dont have rp_filter enabled, he could
"pretend" to be you when he surfs the net...
he could probably pretend to be coming from your
internal net also...
I'm not sure if that would work or not...
well maybe not but I dont know why either..
jondz/epike
>
> All the discussion about firewalls aside, if a machine is running no
> services available to the outside world, how can an attacker break in?
>
> That is, suppose I make the naive argument that I only run sshd on
> port 22, so all other ports get denied anyway by dint of having
> nothing listening (not even inetd). Why bother with ip tables beyond
> masquerading?
>
> (I'm pretty sure this is wrong, I just don't know why.)
>
> --
> Jeff
>
> Jeff Abrahamson <http://www.purple.com/jeff/>
> GPG fingerprint: 1A1A BA95 D082 A558 A276 63C6 16BF 8C4C 0D1D AE4B
>
_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
|
|