| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: ssch at wheel.dk (Steffen Schumacher) Subject: Odd packet? On 26.05.2004 11:05:43 +0000, Valentino Squilloni - Ouz wrote: > On Wed, 26 May 2004, Steffen Schumacher wrote: > > [] > > However, as you said, no ISP, which has to follow rules and regulations > > in the western world allows spoofing of or even routing of the 127/8 net. > > Yes, but 127/8 as the source or the destination ? > Well no matter which, a packet with that src or dst should *never' originate from the ISP. I haven't heard of anyone routing 127/8 or allowing spoofing of 127/8 addresses. I can only speak for my own company (a middlesized european ISP), and none of our > 1k backbone routers route 127/8 or allow incoming packets with src 127/8 unless its in L2/3 VPN. the 127/8 is reserved for loopback interfaces and should NOT be routed or allowed. Any breach of this should result in complaints to the ISP in question!. > Even the OP didn't mentioned this. I'm proned to believe those packets > have 127.0.0.1 as the source of the packets. > I'm proned to think that if indeed these packets was seen on the wire, it was his own pc that generated them. PS. To Maarten: Sorry for mixing your name in this one Maarten - I apologize! > -- > >avendo accesso come root ad un server remoto, come potrei fare a rendere > >il sistema non utilizzabile ma in modo sottile ? > Se NT puo' installarsi via FTP, e' la tua risposta. > -- Leonardo Serni > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists