Re: First line in /etc/hosts

To: Junichi Uekawa <dancer@netfort.gr.jp>
Cc: debian-devel@lists.debian.org
Subject: Re: First line in /etc/hosts
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Tue, 22 Feb 2005 20:56:51 -0300
Message-id: <[🔎] 20050222235651.GC1842@khazad-dum.debian.net>
In-reply-to: <[🔎] 878y5g9ohr.wl@netfort.gr.jp>
References: <[🔎] 20050213122515.GA12244@uio.no> <[🔎] 20050213150126.GA2790@projectcolo.org.uk> <[🔎] 87acq8gyuy.fsf@toncho.dhh.gt.org> <[🔎] 20050213205623.GA12175@projectcolo.org.uk> <[🔎] 20050213212630.GB1555@khazad-dum.debian.net> <[🔎] 200502190147.j1J1lBqd009082@renig.nat.blars.org> <[🔎] 20050219021333.GA8242@khazad-dum.debian.net> <[🔎] 878y5g9ohr.wl@netfort.gr.jp>

On Wed, 23 Feb 2005, Junichi Uekawa wrote:
> > The rp_filter will often avoid trouble here, BUT routers often have to
> > disable rp_filter.  So add some rules to the firewall make sure nothing gets
> > into 127.0.0.0/8 unless it is a local packet.
> 
> So, by this implication, if I use arping and pretend to be 127.0.0.1
> to another host, that host will try to ping the network if I ping 127.0.0.1 
> on the target host?

Only if the kernel is starking mad and buggy as all hell, you cannot take
over a local IP from the network, especially one that belongs to a NOARP
interface.

OTOH, you can probably reach all sort of nice stuff that is bound to
127.0.0.1 in another host over the network, and a lot of people will be
caught with their ports open on that one.  If you send a packet to 127.0.0.1
with the MAC address of any of the local interfaces, and forwarding is
enabled, well...

I am not sure it will work with forwarding disabled.  Anyone cares to test?
Disable rp_filter first.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

References:
- First line in /etc/hosts
  - From: "Steinar H. Gunderson" <sgunderson@bigfoot.com>
- Re: First line in /etc/hosts
  - From: Mark Brown <broonie@sirena.org.uk>
- Re: First line in /etc/hosts
  - From: John Hasler <jhasler@debian.org>
- Re: First line in /etc/hosts
  - From: Mark Brown <broonie@sirena.org.uk>
- Re: First line in /etc/hosts
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: First line in /etc/hosts
  - From: Blars Blarson <blarson@blars.org>
- Re: First line in /etc/hosts
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: First line in /etc/hosts
  - From: Junichi Uekawa <dancer@netfort.gr.jp>

Prev by Date: Re: First line in /etc/hosts
Next by Date: Re: Let's remove mips, mipsel, s390, ... (Was: [Fwd: Re: GTK+2.0 2.6.2-3 and buildds running out of space])
Previous by thread: Re: First line in /etc/hosts
Next by thread: Re: First line in /etc/hosts
Index(es):
- Date
- Thread