Date: Tue, 01 Jul 1997 22:56:41 +0100 From: Brian Somers <brian@awfulhak.org> To: Sergey Pukach <pss@gloom.te.net.ua> Cc: freebsd-questions@FreeBSD.ORG, kvn@gloom.te.net.ua, vlad@nobulus.tn.odessa.ua Subject: Re: Security hole ? Message-ID: <199707012156.WAA26635@awfulhak.demon.co.uk> In-Reply-To: Your message of "Tue, 01 Jul 1997 22:13:58 %2B0300." <199707011913.WAA00442@gloom.te.net.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
> Hi. > > I have two ISP, one of which running FreeBSD and assign static IP > to all users. For connection I'm using ppp by Toshiharu OHNO. > Playing wiht /etc/ppp/ppp.conf I'm found amazing (for me) feature. > This is string from ppp.conf: > > add ifaddr a.b.c.d 0 > > So, remote server can use any IP and my IP should be a.b.c.d > If instesd of a.b.c.d I substitute real IP of one of my ISP server > I can declare myself as another machine. During such connection > I have received a lot of mail which is not intended to be mine. > I think skilful hacker can use this in another way. So, how > ISP can avoid such unproper connections? Your ISP should specify set ifaddr x.x.x.x a.b.c.d thus disallowing you from being anything but a.b.c.d. > pss > > // Sergey Pukach > // pss@te.net.ua -- Brian <brian@awfulhak.org>, <brian@freebsd.org> <http://www.awfulhak.org> Don't _EVER_ lose your sense of humour....
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199707012156.WAA26635>