On Fri, 28 Dec 2001, Ruwan Jayasinghe wrote:
> I am thinking of doing a howto on using one ethernet card and aliasing > one of the IP addresses.. I know how to do it but not being a > security expert I have some questions. > > 1. Does it really affect the security setup of a stock 4.12 - 5.1? Yes. Significantly. It becomes relatively easy to spoof a "trusted" address if traffic from both trusted and untrusted addresses arrive on the same network interface. "Dual homing" is an important part of standard network security design. You would be unwise to abandon it. -- Charlie Brady [EMAIL PROTECTED] Lead Product Developer Network Server Solutions Group http://www.e-smith.com/ Mitel Networks Corporation http://www.mitel.com/ Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org