lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200405252357.33490.fulldisc@ultratux.org>
From: fulldisc at ultratux.org (Maarten)
Subject: Odd packet?

On Tuesday 25 May 2004 22:35, Steffen Schumacher wrote:
> On 25.05.2004 21:55:19 +0000, Maarten wrote:
> > On Tuesday 25 May 2004 15:57, Gregh wrote:
> > > Getting quite a few 127.0.0.1 on differing ports lately and I know it
> > > isn't originating FROM this machine. Haven't sniffed any packets but
> > > they come up in logs.
> >
> > Not saying what you see must be wrong but, if your routing / packetfilter
> > / kernelsettings were properly configured you would not ever get these
> > packets as they would be dropped before they would reach your machine. 
> > If not your ISP, then you (indeed everyone) should always drop packets
> > coming from interfaces they _cannot_ originate from.  Antispoofing,
> > that's called. Especially 127.x.x.x is not routed by any ISP which is
> > worth their name.
>
> Logs may still detect packets constructed with a 127/8 address.
> However, as you said, no ISP, which has to follow rules and regulations in
> the western world allows spoofing of or even routing of the 127/8 net.
>
> So Maarten, if you want to write again, please have packetdumps proving you
> case.

Hum...  Aren't you confusing me with Gregh, the OP ?  
And if not, what do you want me to prove ? That 127.0.0.1 is not routed...?

Maarten

> /Steffen

-- 
Yes of course I'm sure it's the red cable. I guarante[^%!/+)F#0c|'NO CARRIER


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ