Subj : fsxNet Feedback (ZeroTier)
To   : Oli
From : deon
Date : Mon May 17 2021 10:14 am

  Re: fsxNet Feedback (ZeroTier)
  By: Oli to deon on Sun May 16 2021 03:52 pm

 Ol>>> Another incredibly powerful feature of ZeroTier is the ability to
 Ol>>> tap the entire network regardless of how widely distributed its
 Ol>>> nodes are.

 Ol>>> Is there a way to prevent this?

 d>> I dont see this as an issue, it would be no differnet to tcpdump -ni eth0:

 Ol> I was not aware that you can monitor all of my fsxnet traffic with a tcpdump on your side.

 Ol> For a corporate network this is obviously a feature, but in our use case I would call it a security flaw.

I didnt say I could see "all traffic" - infact I've been explaining how its peer to peer all along - so there is no way I can see your traffic to another node, since it doesnt come via me.

But I can see any traffic that broadcasts on the network (BAU), as well as any traffic that is destined to me, via a TCPDUMP. (I think from memory that broadcasts can be blocked via configuration, and thus if so, I would see them.)

The interface that ZT creates is similar to a switched ethernet interface - anything that comes down that port I can see.

....כמון
--- SBBSecho 3.14-Linux
 * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)

.