Re: Fw: Can a daemon listen only on some interfaces?
"Phillip Hofmeister" <plhofmei@svsu.edu> writes:
[snip]
> > If an attacker in the same network sets a route like that:
> >
> > 127.0.0.1 Gateway <your official ip address> Interface <his
> > external interface>
> Couldn't this be countered with:
> ipchains -A input -i ! lo -d 127.0.0.1 -j DENY
> ?
Better,
iptables -A INPUT -m state --state INVALID -j LOG
iptables -A INPUT -m state --state INVALID -j DROP
(and OUTPUT as well, for those paranoid enough to do egress filtering).
Also,
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > "$f"; done
with for f in /proc/sys/net/ipv4/conf/*/log_martians; do echo 1 > "$f"; done
for logging/fun purposes.
~Tim
--
Another day, |piglet@stirfried.vegetable.org.uk
Another kernel recompile |http://spodzone.org.uk/
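
Added example, not part of the original message: a shell audit of the rp_filter and log_martians settings mentioned above, reporting the effective value per interface (the kernel uses the higher of conf/all and conf/<iface> for rp_filter, and logs martians if either is set). The function names and the optional root-directory argument are assumptions of this example, so the check can also run against a copied or constructed tree.

```shell
#!/bin/sh
# Added example: audit effective rp_filter / log_martians per interface.
# The ROOT argument is an assumption of this example; default is the live path.

# effective_rp_filter ROOT IFACE -> prints max(all, iface), as the kernel applies it
effective_rp_filter() {
    all=$(cat "$1/all/rp_filter" 2>/dev/null || echo 0)
    own=$(cat "$1/$2/rp_filter" 2>/dev/null || echo 0)
    if [ "$all" -gt "$own" ]; then echo "$all"; else echo "$own"; fi
}

# effective_log_martians ROOT IFACE -> prints 1 if set on either all or iface
effective_log_martians() {
    all=$(cat "$1/all/log_martians" 2>/dev/null || echo 0)
    own=$(cat "$1/$2/log_martians" 2>/dev/null || echo 0)
    if [ "$all" -ne 0 ] || [ "$own" -ne 0 ]; then echo 1; else echo 0; fi
}

# audit_spoof_filters [ROOT] -> one line per interface; returns 1 if any
# interface has reverse-path filtering effectively off
audit_spoof_filters() {
    root=${1:-/proc/sys/net/ipv4/conf}
    rc=0
    for dir in "$root"/*/; do
        [ -d "$dir" ] || continue
        iface=$(basename "$dir")
        # "all" and "default" are templates, not real interfaces
        case $iface in all|default) continue ;; esac
        rp=$(effective_rp_filter "$root" "$iface")
        lm=$(effective_log_martians "$root" "$iface")
        case $rp in
            0) state="OFF"; rc=1 ;;
            1) state="strict" ;;
            2) state="loose" ;;
            *) state="unknown($rp)" ;;
        esac
        echo "$iface rp_filter=$state log_martians=$lm"
    done
    return $rc
}
```

Call audit_spoof_filters with no argument to check the running kernel; a non-zero return means at least one interface still accepts packets without a reverse-path check.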