From: Tshon (tshon@xxxxxxxxxxx)
Date: Fri Mar 15 2002 - 15:01:13 GMT-3
Reply, forgive me, I didn't notice the static routes that you have, my
previous post won't help. I'm interested to see your arp cache.
Ahmed Mamoor Amimi wrote:
>interesting ... i will try this
>
>-Mamoor
>
>
>----- Original Message -----
>From: Mannan Venkatesan <mv_lab@hotmail.com>
>To: lab <ccielab@groupstudy.com>
>Sent: Friday, March 15, 2002 9:11 PM
>Subject: Fooling the router
>
>
>>Guys,
>>One of my friends brought up a good question and we tested it. Here it goes,
>>
>>D1-----R1----------R2-----D2
>>
>>R1 is connected to R2 through P-t-P serial link. I used 10.1.1.1/24 address on
>>R1's serial interface and R2 had 20.2.2.2/24. R1 has a static route to D2
>>(desktop) with next-hop, 10.1.1.2 (non-existent address). R2 has a static route to
>>D1 with next-hop, 20.2.2.1 (non-existent address again).
>>
>>When I tried to ping D2 from D1, R1 and R2 never change the source and
>>destination address (normal behavior) and it worked with R1 and R2 directly
>>connected using totally different network addresses.
>>
>>Of course this will not work if the routers originate any packet but they
>>don't do any check if the packets are originated from desktops. Is it kind of a
>>security hole?
>>
>>Regards,
>>Mannan Venkatesan
>>CCIE # 8906, CCNP, CCDP,
>>Lucent Technologies - ESS
>>King of Prussia,
>>Pager: 888-663-3853
>>Email: mv70@lucent.com
>>Epage: page_mannan_venkatesan@ins.com
>>
>>"You can swim all day in the Sea of Knowledge and still come out completely
>>dry. Most people do."
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:09 GMT-3