Date: Tue, 28 Jul 1998 11:00:13 -0400 (EDT) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: ben@rosengart.com Cc: Jim Shankland <jas@flyingfox.com>, security@FreeBSD.ORG Subject: Re: inetd enhancements (fwd) Message-ID: <199807281500.LAA19134@khavrinen.lcs.mit.edu> In-Reply-To: <Pine.GSO.4.02.9807280124550.13278-100000@echonyc.com> References: <199807280440.VAA12658@biggusdiskus.flyingfox.com> <Pine.GSO.4.02.9807280124550.13278-100000@echonyc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Tue, 28 Jul 1998 01:29:04 -0400 (EDT), Snob Art Genre <benedict@echonyc.com> said: > Hrm, that's no good. But if I'm not mistaken, each interface is > configured with its own address. Does this not give the system enough > information to reject packets arriving on the wrong interface for their > address? > Are you sure that the system will accept packets for the wrong > interface? There's nothing ``wrong'' about it. In a complex network with routing protocols operating, it is perfectly conceivable that a packet addressed to one interface may be delivered to another. (Indeed, that is often desirable, particularly if one interface is much higher-speed than another. For example, at a previous POE, we had a bunch of SGI servers on a FDDI ring, which were also on the regular Ethernet. If someone on server A mounted an NFS filesystem from server B, we wanted that traffic to stay on the FDDI ring rather than crossing our aging Cisco router.) -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807281500.LAA19134>