Skip to content

Archives

when a broadcast packet really was a broadcast

some history: my broadcast, by Jordan Hubbard (ucbvax!jkh), 2 Apr 1987. It seems the default configuration for Suns back then was that “everyone” really meant everyone — resulting in some fun when Jordan ran rwall (remote write to all) to the broadcast netgroup. Some good snippets in retrospect:

Since rwall is an RPC service, and RPC doesn’t seem to give a damn who you are as long as you’re root (which is trivial to be, on a work- station), I have to wonder what other RPC services are open holes. We’ve managed to do some interesting, unauthorized, things with the YP service here at Berkeley, I wonder what the implications of this are. …

(An) alternative (to getting rid of rwall) would be to tighten up all the IMP gateways to forward packets only from trusted hosts. I don’t like that at all, from a standpoint of reduced convenience and productivity.

Fast-forward to 15 years later: RPC services are almost all firewalled off due to insecurity, and packet filters on gateways — ie. firewalls — are standard kit. The internet has changed a lot since then.