| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050503085240.37433c10.vtlists@wyae.de> Date: Tue May 3 07:53:02 2005 From: vtlists at wyae.de (Volker Tanger) Subject: The best hacker ever ! On Mon, 2 May 2005 12:06:39 -0400 (EDT) Gregory Boyce <gboyce@...belly.com> wrote: > On Mon, 2 May 2005, Zuxy Haiduc wrote: > > > While most people know better than attacking 127.0.0.1, it's > > important to note that in some operating systems (Windows, and a few > > others, but normally not *nix), anything in 127.* is loopback. > > > > Its a lot easier to trick someone into attacking, say, > > 127.36.120.67, than 127.0.0.1. > > 127.36.120.67 works under Linux as well (tested on Ubuntu, Debian, > Redhat and Gentoo with 2.2-2.6 kernels). OTOH I have seen machines (process/machine crontrol systems) that were hardwired to 127.0.0.*/24 as ethernet addresses (eth0, not loopback)... Bye Volker -- Volker Tanger http://www.wyae.de/volker.tanger/ -------------------------------------------------- vtlists@...e.de PGP Fingerprint 378A 7DA7 4F20 C2F3 5BCC 8340 7424 6122 BB83 B8CB
Powered by blists - more mailing lists