Re: Best way to filter "Nachi pings"?
From: Brett Glass (brett_at_lariat.org)
Date: 10/28/03
- Previous message: Jason Stone: "Re: How to disable XFree86 and wdm listening ports"
- In reply to: Peter C. Lai: "Re: Best way to filter "Nachi pings"?"
- Next in thread: Brett Glass: "Re: Best way to filter "Nachi pings"?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 27 Oct 2003 19:05:38 -0700 To: peter.lai@uconn.edu
At 12:22 PM 10/27/2003, Peter C. Lai wrote:
>Similarly, is there a reason that you wouldn't be able to use the less robust
>ipfw2 on your release (since I assume you'd be using it purely for its iplen
>capabilities)?
Look at some of the latest notes in the CVS database. They mention
use-after-free problems, security holes (unprivileged users can
manipulate the firewall), and other things you just wouldn't want
on a production system. The good news is that they scoured the code
quite thoroughly, and it seems to be solid now.
--Brett
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Jason Stone: "Re: How to disable XFree86 and wdm listening ports"
- In reply to: Peter C. Lai: "Re: Best way to filter "Nachi pings"?"
- Next in thread: Brett Glass: "Re: Best way to filter "Nachi pings"?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
