| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150322230848.GA8989@gondor.apana.org.au> Date: Mon, 23 Mar 2015 10:08:48 +1100 From: Herbert Xu <herbert@...dor.apana.org.au> To: David Miller <davem@...emloft.net> Cc: eric.dumazet@...il.com, netdev@...r.kernel.org, roland@...estorage.com Subject: Re: arp_hash On Sun, Mar 22, 2015 at 06:58:50PM -0400, David Miller wrote: > > But I do not agree with the idea that it is in any way possible to > stop someone with root access on the physical network from crudding up > our ARP hash tables. But you don't need root access to exploit the neighbour hash table. You just need a sufficiently large (e.g., /16) route to a network and anybody on the system can then generate traffic to it. Granted these days hardly anybody on IPv4 would have such a route but if you do then the hash table makes you exposed. And for IPv6 everybody is potentially exposed. Cheers, -- Email: Herbert Xu <herbert@...dor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists