Date: Thu, 30 Nov 2000 10:29:42 -0500 (EST) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: Rasputin <rasputin@FreeBSD-uk.eu.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: NATD: failed to write packet back (Permission denied) Message-ID: <200011301529.KAA29203@khavrinen.lcs.mit.edu> In-Reply-To: <20001130113515.A72030@dogma.freebsd-uk.eu.org> References: <20001126140033.E70192@149.211.6.64.reflexcom.com> <3A218C5B.9F677E51@FreeBSD.org> <200011270130.UAA88239@khavrinen.lcs.mit.edu> <3A221402.D88321D8@softweyr.com> <14882.49100.131730.989201@nomad.yogotech.com> <3A24AC77.51EF28C@softweyr.com> <200011291507.KAA16392@khavrinen.lcs.mit.edu> <3A253A44.D7EA9113@softweyr.com> <200011291802.NAA17650@khavrinen.lcs.mit.edu> <14885.22348.875384.616155@nomad.yogotech.com> <20001130113515.A72030@dogma.freebsd-uk.eu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Thu, 30 Nov 2000 11:35:15 +0000, Rasputin <rasputin@FreeBSD-uk.eu.org> said: > There are many network services that don't run from inted/tcp-wrappers/etc, > having their own (dubious?) security mechanisms. > It's safer to block inbound access to that port if unneeded, especially if > you don't have time to wade through cryptic access restiction docs. Safer still not to run applications whose access-control model you don't fully understand. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200011301529.KAA29203>