On May 6, 2018 6:33 PM, ѽ҉ᶬḳ℠ <v...@gmx.net> wrote: > Depends perhaps a bit of what the (long term) aim/goal of the WG is - > > whether to be a niche product for enthusiasts (only guessing here that > > this is the current state) or to make it into the > > mainstream/corporate/commercial arena. I doubt that server > > administrators will take to it with no control over WG's socket/iface > > exposure. Probably time will tell and/or I am wrong with that > > perspective already.
Several people described to you that there is no exposure as every invalid packet will be silently dropped and you still insist there is a flaw in WG which will hurt it's adoption. For constructive discussion I propose this: present us PoC which will show that listening on 0.0.0.0 and ::1 can be exploited with WG and binding it exclusively to x.x.x.x will help to mitigate it. At least try to describe such scenario. That would move this discussion forward and may even lead to WG code improvements. Jordan _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard