Re: Have I misunderstood an ipchains concept?

To: KL Davis <info@nanux.com>
Cc: debian-security@lists.debian.org, Christian Pernegger <pernegger@chello.at>
Subject: Re: Have I misunderstood an ipchains concept?
From: Christian Pernegger <pernegger@chello.at>
Date: Thu, 21 Sep 2000 15:09:46 +0200
Message-id: <[🔎] 20000921150946.A5541@southpark.chp>
In-reply-to: <[🔎] 004d01c02373$5bc4a8c0$c801a8c0@lycanthro.lab>; from info@nanux.com on Wed, Sep 20, 2000 at 10:26:31PM -0400
References: <[🔎] 20000921023809.A4870@southpark.chp> <[🔎] 004d01c02373$5bc4a8c0$c801a8c0@lycanthro.lab>

> What they are saying is that a machine *should* never recieve a packet that
> has originated from outside the machine, yet claims (by way of the source
> IP) to have originated from that machine?

Exactly. A packet arriving on an eth interface comes from outside.
I always thought that a packet destined to the host itself would
arrive on the loopback interface, no matter what.

Nevertheless a broadcast initiated on a host "seems to come from"
outside it, not lo.

> There are probably better ways of protecting against this...

This is surely true, but not the point. I rather relied on
that bahavior.

Regards

Christian

Reply to:

Follow-Ups:
- Re: Have I misunderstood an ipchains concept?
  - From: "Noah L. Meyerhans" <frodo@morgul.net>

References:
- Have I misunderstood an ipchains concept?
  - From: Christian Pernegger <pernegger@chello.at>
- Re: Have I misunderstood an ipchains concept?
  - From: "KL Davis" <info@nanux.com>

Prev by Date: Re: Have I misunderstood an ipchains concept?
Next by Date: Re: Have I misunderstood an ipchains concept?
Previous by thread: Re: Have I misunderstood an ipchains concept?
Next by thread: Re: Have I misunderstood an ipchains concept?
Index(es):
- Date
- Thread