uml switch2 security
Everybody has doubts about the security of the udp-port feature of my uml_switch2 program. Here is my reasoning.

- First of all, you don't need to enable listening on the udp-port.
- Secondly, the normal situation with this feature is that you have public traffic on a private wire (usually it is the other way round: you have private traffic on a public wire). So the security issue is the program which prepends the UDP header to the Ethernet packet. As long as this program is not compromised, there is no security issue.
- Third, my implementation checks that all traffic is between ports below 1024. That means that anybody who can send a faked packet to my uml_switch2 program can also just send the same packet directly to the supporting network (OK, there are some packets which you can fake more easily with the support of uml_switch2, but these are rather academic).

Hope that helps.
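A sketch of the privileged-port check from the third point, as an added example that is not taken from the uml_switch2 source. It assumes "between ports below 1024" means that both the sender's port and the local bound port must be privileged; the function names and the port numbers in the demo are constructed for illustration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>

#define PRIV_PORT_LIMIT 1024 /* binding ports 1..1023 traditionally needs root */

/* Port in host byte order, or -1 for a short buffer or a non-IPv4 family. */
static int sockaddr_port(const struct sockaddr *sa, socklen_t len)
{
    struct sockaddr_in v4;
    if (sa == NULL || len < (socklen_t)sizeof v4 || sa->sa_family != AF_INET)
        return -1;
    memcpy(&v4, sa, sizeof v4);
    return ntohs(v4.sin_port);
}

/* Assumed policy: sender port and local port must both be privileged.
 * src comes from recvfrom(), local from getsockname() on the same socket. */
int datagram_allowed(const struct sockaddr *src, socklen_t srclen,
                     const struct sockaddr *local, socklen_t locallen)
{
    int sport = sockaddr_port(src, srclen);
    int lport = sockaddr_port(local, locallen);
    return sport > 0 && sport < PRIV_PORT_LIMIT &&
           lport > 0 && lport < PRIV_PORT_LIMIT;
}

/* Constructed IPv4 loopback address, used only to exercise the check. */
struct sockaddr_in make_v4(uint16_t port)
{
    struct sockaddr_in a;
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET;
    a.sin_port = htons(port);
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    return a;
}

int check_v4(uint16_t sport, uint16_t lport)
{
    struct sockaddr_in s = make_v4(sport), l = make_v4(lport);
    return datagram_allowed((struct sockaddr *)&s, sizeof s,
                            (struct sockaddr *)&l, sizeof l);
}

/* Exit status 0 when a 700 -> 700 datagram passes and 40000 -> 700 is dropped. */
int main(void) { return !(check_v4(700, 700) && !check_v4(40000, 700)); }
```

In a receive loop the check would run on every datagram before the payload is handed on as an Ethernet frame, and a rejected datagram is simply dropped.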