Re: IP fw-in deny (?)
> If you're in a really mean mood, you can put your neighbor behind your
> masqueraded firewall and log all her activity. To do this, set up an alias
> eth0:1 as 192.168.127.1 (or any other convenient reserved network not used
> by yourself). Allow masquerading from this network. Set up dhcpd to
> serve out addresses from 192.168.127.[2-254] to requests coming in on eth0
> (maybe eth0:1, dunno how broadcasts work with aliased adapters). Presto,
> your machine gets all traffic from any neighbor who DHCPs over your link
> (if you respond before the ISP's DHCP server) and masquerades it to the
> 'net. Your neighbors don't notice anything wrong, but you can snoop 'em
> at will.
If your cable modem is as simple as a hub you could probably snoop people's
traffic without assigning them an IP. I think this is something a lot of
people are going to be unaware of, and it's going to be a big security
hole.
On the other hand, it would make for a fun movie: "The cracker is somewhere
in Chicago...maybe."
Robert
--
Robert de Forest robert@tapestry.net "Time flies like an arrow.
Network Administrator (831) 460-4355 Fruit flies like a banana."
Tapestry.net http://got.net/~crag/
Reply to: