Re: First line in /etc/hosts
On Wed, 23 Feb 2005, Junichi Uekawa wrote:
> > The rp_filter will often avoid trouble here, BUT routers often have to
> > disable rp_filter. So add some rules to the firewall make sure nothing gets
> > into 127.0.0.0/8 unless it is a local packet.
> So, by this implication, if I use arping and pretend to be 127.0.0.1
> to another host, that host will try to ping the network if I ping 127.0.0.1
> on the target host?
Only if the kernel is starking mad and buggy as all hell, you cannot take
over a local IP from the network, especially one that belongs to a NOARP
OTOH, you can probably reach all sort of nice stuff that is bound to
127.0.0.1 in another host over the network, and a lot of people will be
caught with their ports open on that one. If you send a packet to 127.0.0.1
with the MAC address of any of the local interfaces, and forwarding is
I am not sure it will work with forwarding disabled. Anyone cares to test?
Disable rp_filter first.
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot