On Mon, 05 Feb 2018, at 13:23:11 +0000, Maxime Villard wrote:
>Module Name: src
>Committed By: maxv
>Date: Mon Feb 5 13:23:11 UTC 2018
>
>Modified Files:
> src/sys/netinet: ip_input.c
>
>Log Message:
>Disable ip_allowsrcrt and ip_forwsrcrt. Enabling them by default was a
>completely dumb idea, because they have security implications.
>
>By sending an IPv4 packet containing an LSRR option, an attacker will
>cause the system to forward the packet to another IPv4 address - and
>this way he white-washes the source of the packet.
>
>It is also possible for an attacker to reach hidden networks: if a server
>has a public address, and a private one on an internal network (network
>which has several internal machines connected), the attacker can send a
>packet with:
>
> source = 0.0.0.0
> destination = public address of the server
> LSRR first address = address of a machine on the internal network
>
>And the packet will be forwarded, by the server, to the internal machine,
>in some cases even with the internal IP address of the server as a source.
Hello,

This particular fix has been pulled up to the various 6.x and 7.x branches, but not to 8.0_BETA. Is that still pending because it's part of a larger planned change set?

Thanks for all the improvements you've been making!

Regards,
Dave
