Re: Why no printk for duplicate IPs?

Alex Nicolaou (anicolao@mud.cgl.uwaterloo.ca)
Wed, 29 Sep 1999 14:13:42 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: James Manning: "Re: Repeatable oops from md driver with raid0"
Previous message: Andrea Arcangeli: "[patch] select_dcache dead"
Maybe in reply to: Marc MERLIN: "Why no printk for duplicate IPs?"
Next in thread: Alex Nicolaou: "Re: Why no printk for duplicate IPs?"

Alan Cox wrote:
>
> > On the other hand, someone should still take the time to modify
> > "ifconfig" to send out one or two ARPs for our OWN IP address, and if
> > they get answered, it should not allow the ifconfig to complete
> > (without the operator specifing something like --force).
>
> That becomes a denial of service attack like the Macmasher which simply
> sits on a network claiming each appletalk address is used. 100% mac
> free networks

How does the current setup avoid this problem? If someone's answering
ARPs for your IP, you're not going to get far.

This is a long-standing problem with almost all of the TCP protocols -
they assume trusted network administrators. Of course these days anyone
with a cable modem and a PC is a "network administrator" :-(

alex

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: James Manning: "Re: Repeatable oops from md driver with raid0"
Previous message: Andrea Arcangeli: "[patch] select_dcache dead"
Maybe in reply to: Marc MERLIN: "Why no printk for duplicate IPs?"
Next in thread: Alex Nicolaou: "Re: Why no printk for duplicate IPs?"