Date: Thu, 17 Sep 1998 22:53:19 +0000 From: Niall Smart <rotel@indigo.ie> To: Terry Lambert <tlambert@primenet.com>, sthaug@nethelp.no Cc: hackers@FreeBSD.ORG, questions@FreeBSD.ORG Subject: Re: problem using 3 x znyx314 cards for 12 de ethernets Message-ID: <199809172153.WAA01841@indigo.ie> In-Reply-To: <199809152109.OAA25292@usr09.primenet.com>; Terry Lambert <tlambert@primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sep 15, 9:09pm, Terry Lambert wrote: } Subject: Re: problem using 3 x znyx314 cards for 12 de ethernets > > > > I agree that this is the best place for it - but I'd also like FreeBSD > > systems to be secure against smurf attacks out of the box, even if the > > router/firewall/whatever lets IP broadcast through (and translates it > > to link-level broadcast). > > And what about NFS hijack, SMB hijack, source routing, IP spoofing, > etc.? These are different issues, someone can be partly responsible for a smurf attack without ever realising it and (more importantly) without _their_ security/quality of service being compromised. I don't care how many boxes get hacked as long as they aren't mine, but it's reasonable to complain about a configuration which makes it too easy for script kiddies to exploit the ineptitude or carelessness of admins to affect _other_ competant and careful admins boxes. It's akin to shipping sendmail with open relaying. Niall -- Niall Smart, rotel@indigo.ie. Amaze your friends and annoy your enemies: echo '#define if(x) if (!(x))' >> /usr/include/stdio.h To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199809172153.WAA01841>