Bugtraq mailing list archives

Re: traceroute as a flooder

From: cjs () CYNIC NET (Curt Sampson)
Date: Thu, 18 Feb 1999 15:09:15 -0800


On Thu, 18 Feb 1999, Stefan `Sec` Zehl wrote:

While I agree with most other changes, I do not see why zou should
forbid loopback if's for the source address.


Right. Another fellow mentioned this to me, too. It appears that
it would be better to allow addresses on the loopback interface,
but forbid 127.0.0.1. This is a bunch more code to add, though,
and I've not really thought out the implications of it. (For example,
could you use this to send stuff out to a network from an address
that's invalid for that particular network, such as 10.0.0.1 out
to an Internet link?)

I'd welcome a full analysis of this and further patches. I haven't
time to do this work myself, however.

cjs
--
Curt Sampson  <cjs () cynic net>   604 801 5335   De gustibus, aut bene aut nihil.
The most widely ported operating system in the world: http://www.netbsd.org

Current thread:

traceroute as a flooder Alfonso De Gregorio (Feb 12)
- Re: traceroute as a flooder Kris Kennaway (Feb 13)
- <Possible follow-ups>
- Re: traceroute as a flooder Dag-Erling Smorgrav (Feb 15)
  - Re: traceroute as a flooder Curt Sampson (Feb 16)
    - Inherent weaknesses in NT system policies mnemonix (Feb 03)
    - Re: Inherent weaknesses in NT system policies Matt Hargett (Feb 19)
    - Re: traceroute as a flooder Stefan `Sec` Zehl (Feb 18)
    - Re: traceroute as a flooder Curt Sampson (Feb 18)
- Re: traceroute as a flooder Dag-Erling Smorgrav (Feb 16)