Date:      Wed, 31 May 2000 19:19:02 -0700
From:      Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To:        Ron Rosson <insane@lunatic.oneinsane.net>
Cc:        freebsd-stable@FreeBSD.ORG
Subject:   Re: Logging for ipfilter under 3.4-STABLE April Build 
Message-ID:  <200006010219.e512JFA04569@cwsys.cwsent.com>
In-Reply-To: Your message of "Wed, 31 May 2000 07:22:42 PDT." <20000531072242.A16064@lunatic.oneinsane.net> 

In message <20000531072242.A16064@lunatic.oneinsane.net>, "Ron 'The InSaNe One' Rosson" writes:
> Sorry for not mentioning that this is the ipfilter that was in the 3.4-STABLE
> branch in April. Here is how I start ipfilter and ipmon from my startup script
> located in /usr/local/etc/rc.d
> 
> ## IPFilter
> /sbin/ipf -Fa -f /etc/ipf.conf
> /usr/sbin/ipmon -sn

The -n option is a bad idea.  There is a possibility that an attacker 
could notice that for every blocked packet a DNS request is sent out by 
the firewall. Remove the -n option and your firewall becomes stealthier.

Instead, use plog, from http://www.antibozo.net/ogata/webtools/plog.txt 
or http://pobox.com/~ogata/webtools/plog.txt.


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Team Leader, Sun/DEC Team   Internet:  Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC
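
Added example, not part of the original message and not the plog script it links to: one way to keep name resolution out of the logging path is to run ipmon without -n and resolve addresses afterwards, ideally on a separate analysis host, with one lookup per distinct address. The sample lines are constructed and only assume that addresses appear as `addr,port`; the function names are hypothetical.

```python
import re
import socket
import sys

# Dotted-quad IPv4 addresses; assumed to appear in the log as "addr,port".
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def reverse_lookup(addr):
    """Default resolver: PTR lookup, None when the address has no name."""
    try:
        return socket.gethostbyaddr(addr)[0]
    except OSError:  # covers socket.herror and socket.gaierror
        return None


def annotate(lines, resolver=reverse_lookup):
    """Yield log lines with addr rewritten as addr[name], caching each lookup."""
    cache = {}

    def name_for(match):
        addr = match.group(0)
        if any(int(octet) > 255 for octet in addr.split(".")):
            return addr  # looks like an address but is not one
        if addr not in cache:  # negative answers are cached too
            cache[addr] = resolver(addr)
        name = cache[addr]
        return f"{addr}[{name}]" if name else addr

    for line in lines:
        yield IPV4.sub(name_for, line.rstrip("\n"))


# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE = [
    "May 31 19:01:12 fw ipmon[214]: 19:01:11.482113 ed0 @0:3 b "
    "198.51.100.7,3321 -> 192.0.2.10,23 PR tcp len 20 44 -S IN",
    "May 31 19:01:13 fw ipmon[214]: 19:01:12.101977 ed0 @0:3 b "
    "198.51.100.7,3322 -> 192.0.2.10,25 PR tcp len 20 44 -S IN",
]

if __name__ == "__main__":
    # Usage: python annotate.py < saved-ipmon-log   (run after the fact)
    for out in annotate(sys.stdin):
        print(out)
```

Because the lookups happen when the saved log is read rather than when a packet is blocked, their timing no longer tracks the blocked traffic.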



