Penetration Testing mailing list archives

Re: [PEN-TEST] Breaking SSH Listening Ports

From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Thu, 14 Sep 2000 15:53:43 -0400

On Thu, 14 Sep 2000, MARC A KURTZ wrote:

My question is, is a hacker able to "break" into the computer and send
data to that loopback address and get the response? Is the loopback
completely non-physical? In other words if a hacker injected 127.0.0.1
packets into the ethernet card somehow, would the card ignore them, or
pass them to the IP stack?? Will the hacker be able to get the
response if it gave one? We are also assuming there is no PcAnywhere
or similiar software installed to take control of the mouse, keyboard
and screen.


many systems can be fooled into accepting LAN packets from "localhost" on
their extenral interfaces. make sure that your filtering sofwtare is set
up properly to disallow lo0 traffic on anything but lo0.

jose nazario                                    jose () biochemistry cwru edu
PGP fingerprint: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc

Current thread:

[PEN-TEST] Breaking SSH Listening Ports MARC A KURTZ (Sep 14)
- Re: [PEN-TEST] Breaking SSH Listening Ports Jose Nazario (Sep 14)
- Re: [PEN-TEST] Breaking SSH Listening Ports Crist Clark (Sep 14)
- <Possible follow-ups>
- Re: [PEN-TEST] Breaking SSH Listening Ports Dunker, Noah (Sep 14)
- Re: [PEN-TEST] Breaking SSH Listening Ports Dunker, Noah (Sep 14)