No, another modem user of the same ISP, in fact one using the same upstream
router, still could not redirect your traffic to his machine.
The reason for this is that routing, even in a simple desktop, has the job only
of choosing the next hop. It has no control over subsequent routes. With a
dial-up system, the next hop can only be the router you're dialed into.
(There is an IP concept called "source routing", which would allow a
traffic-originating machine to influence remote route decisions. But this is
likely not accepted by your ISPs router. Even if it was allowed, an attacking
machine would have no way to make your machine do source routing (without
breaking into your machine and modifying the IP stack). In fact, you couldn't
make this happen yourself on W95, except for use of special options on the ping
and tracert commands.)
Tony Rall
"James Strompolis" <[EMAIL PROTECTED]> on 08/24/1999 08:42:43
For some reason I can't pull up the full advisory at the moment to re-read
it. Would it not be possible for another dial up user on the same ISP to do
the same thing as a cable modem user and change the route? At home, I'm on
a cable modem so the issue concerned me momentarily until reading that NT
4.0 was not affected. What stops another modem user on the same subnet from
being able to perpetrate a change of routing? Thanks.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
