Subject: Re: arping for 127.0.0.1
To: Paul Goyette <firstname.lastname@example.org>
From: Ignatios Souvatzis <email@example.com>
Date: 06/15/1998 12:16:31
> Yeah - I see now how this could be some sort of DoS attack.
> And yes, you are correct - we certainly shouldn't be doing
> proxy arp unless told to do so. For any given interface,
> we should only respond to ARP requests for our IP address(es)
> on _that_ interface.
Yes. Thats what the code in sys/netinet/if_arp.c:in_arpinput() ensures (or
at least, tries to). Furthermore, I can't see how you could enter, at least
from the command line, an arp entry for 127.0.0.1 ... normally.
Did the machine in question _ever_ (since reboot) have 127.0.0.1 assigned
to the Ethernet interface?