Re: Problems with Sendmail

Subject: Re: Problems with Sendmail
From: Barsalou (barjunk@attglobal.net)
Date: Sat Nov 15 2003 - 23:17:54 AKST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: shortpier: "Re: Problems with Sendmail"
• Previous message: shortpier: "Re: Problems with Sendmail"
• In reply to: shortpier: "Re: Problems with Sendmail"
• Next in thread: shortpier: "Re: Problems with Sendmail"
• Reply: Barsalou: "Re: Problems with Sendmail"
• Reply: Barsalou: "Re: Problems with Sendmail"

I guess that would also mean that I should be droping any packets that
come in on the external interface that don't have a source or
destination IP of my host. If my IP is X and the packet IP's are Y and
Z and my machine is being used as a gateway...normally it would
route...unless I explicitly stop that....correct?

Is that a forwarding rule or what?

Mike

On Fri, 2003-11-14 at 04:29, shortpier wrote:
> Mike
> Yep you got it right
>
> As Long as the gateway is a routeable addy all the routers in between
> will ignore all other IP info beacuse the packet is sent to the
> gatewaythen the gateway decides the route. This is NOT a spoof But a
> badly set up NAT/Private IP system. True spoofing takes place at the
> packet level and is a motherF**ker to protect agains.. You have to
> capture that packets "inflight" And with most spoofs you look at the
> hosts that the packet has passed through and the second addy from the
> "origin" is normally the true ip of the sender. Refrence the
> teardrop/nestea exploits that used to Bulescreen Win95/98 first edition
> and use 100% CPU time on NT4 (ip packet fragment bug in BSD TCPIP that
> Linux and M$ were useing in those days.
>
> /me does not know why people would like Teardrop................
>
> Ah to be young again
>
> Shortpier
> On Sat, 2003-11-15 at 21:46, Barsalou wrote:
> > I think I finally get it....if I have box A and I want to spoof traffic,
> > I can use Box B where ever it is in the world as my gateway and
> > therefore if it is broken in the way it routes, I can spoof the
> > source/destination address and the routers between me and that box won't
> > care....they will just blindly pass the packet on to the gateway...do I
> > understand what you are saying?
> >
> > Mike

-- 
Barsalou <barjunk@attglobal.net>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

• Next message: shortpier: "Re: Problems with Sendmail"
• Previous message: shortpier: "Re: Problems with Sendmail"
• In reply to: shortpier: "Re: Problems with Sendmail"
• Next in thread: shortpier: "Re: Problems with Sendmail"
• Reply: Barsalou: "Re: Problems with Sendmail"
• Reply: Barsalou: "Re: Problems with Sendmail"

This archive was generated by hypermail 2a23 : Sat Nov 15 2003 - 23:12:23 AKST