Full Disclosure mailing list archives
Re: The best hacker ever !
From: Volker Tanger <vtlists () wyae de>
Date: Tue, 3 May 2005 08:52:40 +0200
On Mon, 2 May 2005 12:06:39 -0400 (EDT) Gregory Boyce <gboyce () badbelly com> wrote:
On Mon, 2 May 2005, Zuxy Haiduc wrote:While most people know better than attacking 127.0.0.1, it's important to note that in some operating systems (Windows, and a few others, but normally not *nix), anything in 127.* is loopback. Its a lot easier to trick someone into attacking, say, 127.36.120.67, than 127.0.0.1.127.36.120.67 works under Linux as well (tested on Ubuntu, Debian, Redhat and Gentoo with 2.2-2.6 kernels).
OTOH I have seen machines (process/machine crontrol systems) that were hardwired to 127.0.0.*/24 as ethernet addresses (eth0, not loopback)... Bye Volker -- Volker Tanger http://www.wyae.de/volker.tanger/ -------------------------------------------------- vtlists () wyae de PGP Fingerprint 378A 7DA7 4F20 C2F3 5BCC 8340 7424 6122 BB83 B8CB _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: The best hacker ever ! Schmehl, Paul L (May 02)
- Re: The best hacker ever ! vulcanius (May 02)
- Re: The best hacker ever ! Zuxy Haiduc (May 02)
- Re: The best hacker ever ! Gregory Boyce (May 02)
- Re: The best hacker ever ! Andre Derek Protas (May 02)
- Re: The best hacker ever ! Volker Tanger (May 02)
- Re: The best hacker ever ! Valdis . Kletnieks (May 03)
- Re: The best hacker ever ! Zuxy Haiduc (May 02)
- Re: The best hacker ever ! vulcanius (May 02)
- <Possible follow-ups>
- RE: The best hacker ever ! cozadc/Cozad, Chris (May 03)
- Re: The best hacker ever ! Valdis . Kletnieks (May 04)