#22111: dropbear listens on public ipv6 connection after process restart =
remote
SSH access (vulnerability mitigation included)
-----------------------+----------------------------------
Reporter: Aditza | Owner: developers
Type: defect | Status: new
Priority: high | Milestone:
Component: packages | Version: Chaos Calmer 15.05
Resolution: | Keywords: dropbear, remote ssh
-----------------------+----------------------------------
Comment (by anonymous):
I see now. I didn't realize that Linux (on the router) would be able to
route to the public prefix on its LAN interface even if the LAN interface
didn't have an address with that prefix. It also seems like the router
wouldn't be able to originate traffic destined to the public addresses of
machines on the LAN (because it would have no source address to use).
Maybe that's ok though?
--
Ticket URL: <https://dev.openwrt.org/ticket/22111#comment:8>
OpenWrt <http://openwrt.org>
Opensource Wireless Router Technology
_______________________________________________
openwrt-tickets mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-tickets
