
route to hostname +



  Hmm ... I guess nobody cares that the spotted line can cause:

  >> Communication failure - (if /etc/hosts doesn't match
     new /etc/hostname.if) - machine will not communicate with
     (old) address mapped as $hostname on /etc/hosts.
     
  >> VULNERABILITY - (if /etc/hosts doesn't match new /etc/myname)
     attacker can block machine's communication with any other single
     host by DNS spoofing (spoofing $hostname address) on machine
     boot time.

  In other words, the spotted line REQUIRES /etc/hosts to be synchronized
with /etc/myname and /etc/hostname.*.

  If I am not mistaken, that line comes from 4.4BSD; is it still
relevant for the current stack and /etc/netstart?

Ilya A. Kovalenko
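
The synchronization requirement described in the message above can be checked mechanically. The following is an added example, not part of the original post or of /etc/netstart: the function names are hypothetical, the sample host name and addresses are constructed, and it assumes hostname.* lines of the form `inet [alias] address ...`.

```shell
#!/bin/sh
# Added example (not from the post): verify that the name in myname maps, in
# hosts, to an address statically configured in some hostname.* file.
# The directory is a parameter so the check can run against copies of /etc.

# Print the first address in hosts file $2 whose line lists name $1.
hosts_addr_for() {
    awk -v n="$1" '
        { sub(/#.*/, "") }    # drop comments; awk re-splits the fields
        { for (i = 2; i <= NF; i++) if ($i == n) { print $1; exit } }
    ' "$2"
}

# Print every static inet address in $1/hostname.* (assumed "inet [alias] addr ...").
iface_addrs() {
    for f in "$1"/hostname.*; do
        [ -f "$f" ] || continue
        awk '$1 == "inet" { a = ($2 == "alias") ? $3 : $2; sub(/\/.*/, "", a); print a }' "$f"
    done
}

# Return 0 if in sync, 1 if hosts has no entry for the name, 2 on mismatch.
check_sync() {
    name=$(head -n 1 "$1/myname")
    addr=$(hosts_addr_for "$name" "$1/hosts")
    if [ -z "$addr" ]; then
        echo "no hosts entry for $name; it must be resolved elsewhere (e.g. DNS)"
        return 1
    fi
    if iface_addrs "$1" | grep -Fxq "$addr"; then
        echo "ok: $name -> $addr"
        return 0
    fi
    echo "mismatch: hosts maps $name to $addr, absent from hostname.*"
    return 2
}

# Constructed sample: host renamed and renumbered, hosts file left stale.
demo() {
    d=$(mktemp -d)
    echo "newbox.example.org" > "$d/myname"
    echo "inet 192.0.2.20 255.255.255.0 NONE" > "$d/hostname.fxp0"
    echo "192.0.2.10 newbox.example.org newbox" > "$d/hosts"
    check_sync "$d"; rc=$?
    rm -rf "$d"
    return "$rc"
}

demo || true
```

Running `check_sync /etc` after editing /etc/myname or /etc/hostname.* reports both conditions the message lists: a stale mapping (return 2) and a name missing from /etc/hosts (return 1).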


