An interesting vulnerability... Sorry this is a tad off-top
ic.
David_Biggins@usermgmt.com
David_Biggins at usermgmt.com
Tue, 26 Mar 2002 09:05:25 -0000
> -----Original Message-----
> From: John Young [mailto:jya@pipeline.com]
> Sent: Monday, 25 March, 2002 08:23
> To: ukcrypto@chiark.greenend.org.uk
> Subject: Re: An interesting vulnerability... Sorry this is a tad
> off-topic.
>
>
> Ah, yes, this is called the inside the intranet ethernet attack. Your
> own network is hammering your firewall from inside the protective
> moat. Probably from net address 0,0,0,0.
I don't think so. Ping -a on the incoming addresses identified by Zone
Alarm give a fascinating range of probably identifiable users - mostly
apparently on Blue Yonder and Telewest.
My surprise is not that I'm getting hits, but that they CONTINUE,
identifiably from the outside, when the modem is supposed to be on
standby.
> Our cable modem does that too, gangs up with ethernet on
> Zone Alarm, hits the protecting wall from front and back.
>
> For those of you not blessed with a cable modem which needs
> to serve an intranet, is to cable it into your network router which
> in turn makes the cable accessible from machines on the net.
>
I'm feeding from the cable modem to a spare firewall/proxy machine,
which then allows access from whichever machine I happen to be using at
the time.
## dave ##