WG interface to ipv4
Jordan Glover
Golden_Miller83 at protonmail.ch
Sun May 6 20:09:52 CEST 2018
On May 6, 2018 6:33 PM, ѽ҉ᶬḳ℠ <vtol at gmx.net> wrote:
> Depends perhaps a bit of what the (long term) aim/goal of the WG is -
>
> whether to be a niche product for enthusiasts (only guessing here that
>
> this is the current state) or to make it into the
>
> mainstream/corporate/commercial arena. I doubt that server
>
> administrators will take to it with no control over WG's socket/iface
>
> exposure. Probably time will tell and/or I am wrong with that
>
> perspective already.
Several people described to you that there is no exposure as every invalid
packet will be silently dropped and you still insist there is a flaw in WG
which will hurt it's adoption. For constructive discussion I propose this:
present us PoC which will show that listening on 0.0.0.0 and ::1 can be
exploited with WG and binding it exclusively to x.x.x.x will help to mitigate
it. At least try to describe such scenario. That would move this discussion
forward and may even lead to WG code improvements.
Jordan
More information about the WireGuard
mailing list