Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 01 Jul 1997 22:56:41 +0100
From:      Brian Somers <brian@awfulhak.org>
To:        Sergey Pukach <pss@gloom.te.net.ua>
Cc:        freebsd-questions@FreeBSD.ORG, kvn@gloom.te.net.ua, vlad@nobulus.tn.odessa.ua
Subject:   Re: Security hole ? 
Message-ID:  <199707012156.WAA26635@awfulhak.demon.co.uk>
In-Reply-To: Your message of "Tue, 01 Jul 1997 22:13:58 %2B0300." <199707011913.WAA00442@gloom.te.net.ua> 

next in thread | previous in thread | raw e-mail | index | archive | help
> Hi.
> 
> I have two ISP, one of which running FreeBSD and assign static IP
> to all users. For connection I'm using ppp by Toshiharu OHNO.
> Playing wiht /etc/ppp/ppp.conf I'm found amazing (for me) feature.
> This is string from ppp.conf:
> 
> add ifaddr a.b.c.d  0
> 
> So, remote server can use any IP and my IP should be a.b.c.d
> If instesd of a.b.c.d I substitute real IP of one of my ISP server
> I can declare myself as another machine. During such connection
> I have received a lot of mail which is not intended to be mine.
> I think skilful hacker can use this in another way. So, how
> ISP can avoid such unproper connections?

Your ISP should specify

 set ifaddr x.x.x.x a.b.c.d

thus disallowing you from being anything but a.b.c.d.

> pss
> 
> // Sergey Pukach
> // pss@te.net.ua

-- 
Brian <brian@awfulhak.org>, <brian@freebsd.org>
      <http://www.awfulhak.org>;
Don't _EVER_ lose your sense of humour....





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199707012156.WAA26635>