Re: Router filtering not enough! (Was: Re: CERT advisory )

Paul Traina (pst@cisco.com)
Thu, 26 Jan 1995 10:11:03 -0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Scott D. Yelich: "the next generation of nuke.c"
Previous message: Operator: "Re: the next generation of nuke.c"
In reply to: Jon Peatfield: "Re: Router filtering not enough! (Was: Re: CERT advisory )"
Next in thread: Jon Peatfield: "Re: Router filtering not enough! (Was: Re: CERT advisory )"

> How hard would it be to modify tcpwraper (for example) to check the
> incomming MAC address on a connection and to be worried if it came from a
> list of routers but the address was the local net?

This breaks people who might have their netmasks set incorrectly on the local
net.

Next message: Scott D. Yelich: "the next generation of nuke.c"
Previous message: Operator: "Re: the next generation of nuke.c"
In reply to: Jon Peatfield: "Re: Router filtering not enough! (Was: Re: CERT advisory )"
Next in thread: Jon Peatfield: "Re: Router filtering not enough! (Was: Re: CERT advisory )"