Re: [fw-wiz] a cutting-edge open-source network security project

You're right, but that's kind of a straightforwardly-solved problem, isn't it? Just park it behind SSH.

The heresies involved in Travis' project are much more violent than the command/control channel. Interested in your real thoughts.

On May 18, 2010, at 7:49 PM, Darren Reed wrote:

On 2/05/10 03:48 PM, travis+ml-firewalls@xxxxxxxxxxxxxxxxx wrote:


How do you authenticate connections to the dfd daemon?

If all I need is netcat (as per the example in your web
page above), then that doesn't speak too highly of the
security of the daemon itself.

Are you effectively giving all users that can connect
to it root level privilege on the firewall?


firewall-wizards mailing list

Thomas Ptacek // matasano security // founder, product manager
read us on the web:
check out playbook:
reach me direct: 888-677-0666 x7805

"The truth will set you free. But not until it is finished with you."

Attachment: smime.p7s
Description: S/MIME cryptographic signature

firewall-wizards mailing list