Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 27 Jul 1999 10:24:47 -0700 (PDT)
From:      Matthew Dillon <>
To:        Nate Williams <>
Cc:        "Brian F. Feldman" <green@FreeBSD.ORG>, Joe Greco <>, hackers@FreeBSD.ORG, freebsd-ipfw@FreeBSD.ORG
Subject:   Re: securelevel and ipfw zero
Message-ID:  <>
References:  <> <> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
:I just thought of a bad thing.  If you allowed the counters to be zero'd
:(or advanced) at securelevel == 3, then a 'malicious user' could write a
:cronjob to continually reset them and cause a DoS attack on the system
:(or in the case of advance, reset them to ridiculously high values),
:thus filling up the disk.
:However, one could argue that *IF* they have root, they could just as
:easily fill the disk with garbage and cause the same attack, ie;
:# dd if=/dev/zero of=/var/log/misc

    The hacker w/ root would have to be a complete bozo to write a cron job
    or loop to clear the ipfw counters rather then do something else that
    really blows the machine away!  It isn't a scenario that fills me with

To Unsubscribe: send mail to
with "unsubscribe freebsd-ipfw" in the body of the message

Want to link to this message? Use this URL: <>