I share Alex's confusion. Antoine, can you give us more detail on this? -david
> -----Original Message----- > From: Alex Pankratov > Sent: Thursday, July 06, 2006 11:34 AM > To: theory and practice of decentralized computer networks > Subject: Re: [p2p-hackers] Strange Behavior...Concerning NATs > > Antoine Pitrou wrote: > > Le mercredi 05 juillet 2006 à 19:31 -0700, Lemon Obrien a écrit : > >> When two processes are running on the same machine; different port > >> numbers, using their known global ip address, can not talk to each > >> other, yet be able to find and communicate with all other peers. > > > > Yes I've seen it happen behind a NAT too. I've been explained it's a > > security measure: if this was allowed, an external host could use IP > > spoofing to simulate traffic between machines on the LAN (while LAN > > traffic is supposed to be trustable), and then do all kinds of nasty > > things. > > I worked very closely with a number of NAT/policing engines. Having > thought about your remark for sometime now, I can't seem to understand > how hairpin'ing could possibly contribute to an attack you referred to. > > It sounds more like a design flaw in a specific policing engine that > was 'plugged' by disabling hairpin'ing. Do you have any details on the > context of the explanation you received ? > > Thanks, > Alex > _______________________________________________ > p2p-hackers mailing list > [email protected] > http://lists.zooko.com/mailman/listinfo/p2p-hackers _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
