[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
route to hostname +
- To: tech_(_at_)_openbsd_(_dot_)_org
- Subject: route to hostname +
- From: "Ilya A. Kovalenko" <shadow_(_at_)_oganer_(_dot_)_net>
- Date: Fri, 16 Jul 2004 18:40:12 +0800
- Organization: JSC Oganer-Service
- Reply-to: "Ilya A. Kovalenko" <shadow_(_at_)_oganer_(_dot_)_net>
hmm ... I guess, nobody cares that spotted line can cause:
>> Communication failure - (if /etc/hosts doesn't match
new /etc/hostname.if) - machine will not communicate with
(old) address mapped as $hostname on /etc/hosts.
>> VULNERABILITY - (if /etc/hosts doesn't match new /etc/myname)
attacker can block machine's communication with any other single
host by DNS spoofing (spoofing $hostname address) on machine
In other words, spotted line REQUIRES /etc/hosts to be synchronized
with /etc/myname and /etc/hostname.*.
If I am not mistaken, that line comes from 4.4BSD, is it still
actual for current stack and /etc/netstart ?
Ilya A. Kovalenko