Date: Thu, 29 Oct 1998 10:42:39 -0600 (CST) From: Mike Jenkins <mjenkins@carp.gbr.epa.gov> To: wjv@cityip.co.za Cc: freebsd-security@FreeBSD.ORG Subject: Re: Connections succeed even though denied by IPFW Message-ID: <199810291642.KAA12888@carp.gbr.epa.gov> In-Reply-To: <19981029143547.A15193@cityip.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
> Date: Thu, 29 Oct 1998 14:35:47 +0200 > From: Johann Visagie <wjv@cityip.co.za> > > Problem solved. It was all due to a gross misconfiguration of IPFW rules by > yours truly. Worse, this situation has persisted for some months - time to > do a thorough security audit on the box in question. :-( Brings back memories of the classic packet filtering paper by Brent Chapman entitled "Network (In)Security Through IP Packet Filtering". Things have improved with packet filters but it can still be difficult to get it right. Of course, you might run a scanner (nmap) to see if your rules are working. Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199810291642.KAA12888>