From owner-freebsd-security Sat Apr 7 15:39:13 2001 Delivered-To: freebsd-security@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 7328E37B423 for ; Sat, 7 Apr 2001 15:39:11 -0700 (PDT) (envelope-from nectar@nectar.com) Received: by gw.nectar.com (Postfix, from userid 1001) id 08C9718D29; Sat, 7 Apr 2001 17:39:10 -0500 (CDT) Date: Sat, 7 Apr 2001 17:39:10 -0500 From: "Jacques A. Vidrine" To: John Howie Cc: Crist Clark , lee@kechara.net, freebsd-security@FreeBSD.ORG Subject: Re: Theory Question Message-ID: <20010407173910.B69155@spawn.nectar.com> Mail-Followup-To: "Jacques A. Vidrine" , John Howie , Crist Clark , lee@kechara.net, freebsd-security@FreeBSD.ORG References: <200104071610.RAA18117@mailgate.kechara.net> <3ACF83FA.55761A7B@globalstar.com> <20010407162552.D87286@hamlet.nectar.com> <058701c0bfad$265e8530$0101a8c0@development.local> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <058701c0bfad$265e8530$0101a8c0@development.local>; from JHowie@msn.com on Sat, Apr 07, 2001 at 02:53:11PM -0700 X-Url: http://www.nectar.com/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, Apr 07, 2001 at 02:53:11PM -0700, John Howie wrote: > In practice a machine with no IP address that just receives packets is not > likely to be vulnerable. Crist's scenario is not a probable one (as he, > himself, acknowledges). Such exploits have been seen in the past, e.g. the tcpdump buffer overrun. I guess the assumption is that your opponent is more sophisticated than a script kiddie, and wants something in your network. Cheers, -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message