RE: Possible New Security Tool For FreeBSD, Need Your Help.
From: Laurence Brockman (L.Brockman@videon.ca)
Date: 09/05/01
- Next message: horio shoichi: "Re: pop server"
- Previous message: Giorgos Keramidas: "Re: Good practice for /tmp"
- Maybe in reply to: Not Going to Tell You: "Possible New Security Tool For FreeBSD, Need Your Help."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Laurence Brockman <L.Brockman@videon.ca> To: security@freebsd.org Date: Wed, 5 Sep 2001 15:41:02 -0600
> -----Original Message-----
> From: Chris BeHanna [mailto:behanna@zbzoom.net]
> Sent: Friday, August 31, 2001 10:08 PM
> To: security@freebsd.org
> Subject: Re: Possible New Security Tool For FreeBSD, Need Your Help.
>
<SNIP>
> If your machine is attached to a cable modem, then there are 253
> other hosts in your neighborhood who can very easily sniff
> your traffic.
This is wrong in all but the worst Cable Modem Provider cases. Most modems
communicate directly with the cable routers and do not broadcast ANY traffic
but the broadcast traffic (ARP's, etc). You could sniff the RF on all of the
modems on your node, but this should all be encrypted anyways (At least the
Cable provider I work for does this, as well as most others that I know of).
So, if your Cable provider is not filtering traffic, etc then I'd have a
talk with them. It's very easy now days to implement filters on the cable
modem (Including the dropping of spoofed packets to prevent things like
SMURFs, etc).
>
> If you're trying to open ports remotely, then your key traffic is
> going over the internet. Do a traceroute between the host you're
> using and the host you're trying to manage, and ponder someone
> sniffing along any of those hops.
>
> Although this is unlikely for the casual user, it becomes more
> likely if the remote host is a corporate-owned machine in a highly
> competitive area of industry.
>
> --
> Chris BeHanna
> Software Engineer (Remove "bogus" before
> responding.)
> behanna@bogus.zbzoom.net
> I was raised by a pack of wild corn dogs.
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: horio shoichi: "Re: pop server"
- Previous message: Giorgos Keramidas: "Re: Good practice for /tmp"
- Maybe in reply to: Not Going to Tell You: "Possible New Security Tool For FreeBSD, Need Your Help."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
