loopback address
This is a discussion on loopback address within the Linux Security forums, part of the System Security and Security Related category; Lately I noticed attempts to hack into my computer through 127.0.0.1 Is there a chance to change ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
06-14-2004
|
|||
|
|||
loopback address
Lately I noticed attempts to hack into my computer
through 127.0.0.1 Is there a chance to change loopback address to ie. 127.1.0.0 Gateway 255.255.0.0 I tried the simplest way /etc/sysconfig/network-scripts but X doesn't start because it search for 127.0.0.1 robert 
|
|
06-14-2004
|
|||
|
|||
|
Re: loopback address
On Mon, 14 Jun 2004 10:55:22 +0200, robert seczkowski scribbled:
> Lately I noticed attempts to hack into my computer > through 127.0.0.1 > Is there a chance to change loopback address to ie. > 127.1.0.0 Gateway 255.255.0.0 > I tried the simplest way /etc/sysconfig/network-scripts but > X doesn't start because it search for 127.0.0.1 > > robert Well, Robert, Why would you do that? It's a *LOT* of work to teach all of your applications to interact with this new address locally. Assuming you *do* have a firewall, simply DROP all packeges that try to enter at this address from the outside world. If your problem then persists you might ask yourself: was this really a hack-attempt? Yours, Gerard -- GerardLinux ay tee filternet dee oo tee ann el Q: What is small, yellow, and very, very dangerous? A: A canarie with the super-user password.
|
|
06-14-2004
|
|||
|
|||
|
Re: loopback address
Gerard wrote:
> On Mon, 14 Jun 2004 10:55:22 +0200, robert seczkowski scribbled: > >> Lately I noticed attempts to hack into my computer >> through 127.0.0.1 >> Is there a chance to change loopback address to ie. >> 127.1.0.0 Gateway 255.255.0.0 >> I tried the simplest way /etc/sysconfig/network-scripts but >> X doesn't start because it search for 127.0.0.1 >> >> robert > > > Well, Robert, > > Why would you do that? It's a *LOT* of work to teach all of your > applications to interact with this new address locally. > > Assuming you *do* have a firewall, simply DROP all packeges that try to > enter at this address from the outside world. > > If your problem then persists you might ask yourself: was this really a > hack-attempt? > > Yours, > Gerard > I disagree ! attack follows with cracked sender address, like source addr 127.0.0.1 destination address my_ip_address packet received from got_you.org robert
|
|
06-14-2004
|
|||
|
|||
|
Re: loopback address
Gerard wrote: > On Mon, 14 Jun 2004 10:55:22 +0200, robert seczkowski scribbled: > >> Lately I noticed attempts to hack into my computer >> through 127.0.0.1 >> Is there a chance to change loopback address to ie. >> 127.1.0.0 Gateway 255.255.0.0 >> I tried the simplest way /etc/sysconfig/network-scripts but >> X doesn't start because it search for 127.0.0.1 >> >> robert > > > Well, Robert, > > Why would you do that? It's a *LOT* of work to teach all of your > applications to interact with this new address locally. > > Assuming you *do* have a firewall, simply DROP all packeges that try to > enter at this address from the outside world. > > If your problem then persists you might ask yourself: was this really a > hack-attempt? > > Yours, > Gerard > The problem was rather more serious with Windows, where firewall is a comercial product. However without firewall it seems to be the problem on linux
|
|
06-14-2004
|
|||
|
|||
|
Re: loopback address
On Mon, 14 Jun 2004 18:11:25 +0200, robert seczkowski scribbled:
> Gerard wrote: > >> On Mon, 14 Jun 2004 10:55:22 +0200, robert seczkowski scribbled: >> >>> Lately I noticed attempts to hack into my computer >>> through 127.0.0.1 >>> Is there a chance to change loopback address to ie. >>> 127.1.0.0 Gateway 255.255.0.0 >>> I tried the simplest way /etc/sysconfig/network-scripts but >>> X doesn't start because it search for 127.0.0.1 >>> >>> robert >> >> Well, Robert, >> >> Why would you do that? It's a *LOT* of work to teach all of your >> applications to interact with this new address locally. >> >> Assuming you *do* have a firewall, simply DROP all packeges that try to >> enter at this address from the outside world. >> >> If your problem then persists you might ask yourself: was this really a >> hack-attempt? >> >> Yours, >> Gerard >> > I disagree ! > attack follows with cracked sender address, like > source addr 127.0.0.1 > destination address my_ip_address > packet received from got_you.org > robert OK, but again: why not DROP all packages that are incoming on your firewall with source address 127.0.0.1 ? -- GerardLinux ay tee filternet dee oo tee ann el Q: What is small, yellow, and very, very dangerous? A: A canarie with the super-user password.
|
Linear Mode
