On Mon, Feb 03, 2020 at 10:08:52AM +0000, ratatatah wrote: > I've been told IP hiding inside FreeBSD jails is much easier, and that > potential intruders would only be able to see local IPs. Is there any truth > to that, and if so, why is this so hard to achieve on OpenBSD? > > Thanks, > Ratah Tatah
A jail (which isn't implemented in OpenBSD) is a mechanism where resources are compartmentalized within it. One such resource is IP addresses. You can look at this as a model of hierarchy vs. flatness where jails are a hierarchy and OpenBSD's resources are flat. In OpenBSD all aliases and interfaces are accessible to be read by everyone who can open a socket. Please see the getifaddrs(3) manpage to see why Regards, -peter
