Re: CERT VU#539363
From: Darren Reed (avalon@coombs.anu.edu.au)
Date: 10/17/02
- Next message: David Schultz: "Re: CERT VU#539363"
- Previous message: Darren Reed: "Re: CERT VU#539363"
- In reply to: Chuck Swiger: "Re: CERT VU#539363"
- Next in thread: Charles Swiger: "Re: CERT VU#539363"
- Reply: Charles Swiger: "Re: CERT VU#539363"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Darren Reed <avalon@coombs.anu.edu.au> To: cswiger@mac.com (Chuck Swiger) Date: Thu, 17 Oct 2002 10:12:06 +1000 (Australia/ACT)
In some mail from Chuck Swiger, sie said:
>
[...]
> OS X (or FreeBSD, for that matter) may not be vulnerable also because they
> don't try to monitor FTP transactions looking for the PASV, and thus don't
> create the bogus dynamic rule. Someone using static packet filtering
> rules (before a check-state) can block access to the low ports (below 1024)
> and mitigate against the spoofed dynamic rules.
[...]
You're confusing 539363 (state) with 328867 (FTP).
Darren
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: David Schultz: "Re: CERT VU#539363"
- Previous message: Darren Reed: "Re: CERT VU#539363"
- In reply to: Chuck Swiger: "Re: CERT VU#539363"
- Next in thread: Charles Swiger: "Re: CERT VU#539363"
- Reply: Charles Swiger: "Re: CERT VU#539363"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
