From owner-freebsd-questions Tue Jul 1 15:50:34 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id PAA27903 for questions-outgoing; Tue, 1 Jul 1997 15:50:34 -0700 (PDT) Received: from awfulhak.demon.co.uk (awfulhak.demon.co.uk [158.152.17.1]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA27896 for ; Tue, 1 Jul 1997 15:50:22 -0700 (PDT) Received: from awfulhak.demon.co.uk (localhost [127.0.0.1]) by awfulhak.demon.co.uk (8.8.6/8.8.5) with ESMTP id WAA26635; Tue, 1 Jul 1997 22:56:41 +0100 (BST) Message-Id: <199707012156.WAA26635@awfulhak.demon.co.uk> X-Mailer: exmh version 1.6.9 8/22/96 To: Sergey Pukach cc: freebsd-questions@FreeBSD.ORG, kvn@gloom.te.net.ua, vlad@nobulus.tn.odessa.ua Subject: Re: Security hole ? In-reply-to: Your message of "Tue, 01 Jul 1997 22:13:58 +0300." <199707011913.WAA00442@gloom.te.net.ua> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 01 Jul 1997 22:56:41 +0100 From: Brian Somers Sender: owner-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > Hi. > > I have two ISP, one of which running FreeBSD and assign static IP > to all users. For connection I'm using ppp by Toshiharu OHNO. > Playing wiht /etc/ppp/ppp.conf I'm found amazing (for me) feature. > This is string from ppp.conf: > > add ifaddr a.b.c.d 0 > > So, remote server can use any IP and my IP should be a.b.c.d > If instesd of a.b.c.d I substitute real IP of one of my ISP server > I can declare myself as another machine. During such connection > I have received a lot of mail which is not intended to be mine. > I think skilful hacker can use this in another way. So, how > ISP can avoid such unproper connections? Your ISP should specify set ifaddr x.x.x.x a.b.c.d thus disallowing you from being anything but a.b.c.d. > pss > > // Sergey Pukach > // pss@te.net.ua -- Brian , Don't _EVER_ lose your sense of humour....