Date: Fri, 24 Sep 1999 11:28:18 -0700 From: Deepwell Internet <freebsd@deepwell.com> To: nate@mt.sri.com (Nate Williams), freebsd-security@freebsd.org Subject: Re: default rc.firewall Message-ID: <4.2.0.58.19990924112627.018902c0@mail1.dcomm.net> In-Reply-To: <199909241733.LAA27644@mt.sri.com> References: <4.2.0.58.19990924111600.04809a90@localhost> <3.0.5.32.19990923152232.007c94c0@memes.com> <4.2.0.58.19990924111600.04809a90@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
> >Building a firewall is somtimes a hit/miss proposition because you never >know *what* kind of traffic is being generated on a LAN, and what I've >found is that too often I shut someone down from doing something they >think they want. > >(On the other hand, with the number of hacks available to the world, >we've been able to convince the users and management that some of the >'nice' services they like are no longer a good idea, usually by pointing >them to a CERT advisory and/or similar document explaing how we can get >broken into with the service. :( ) This happens to us quite frequently where we think we're implementing a good filter rule and someone comes along and say "But I want to share my win98 drives to the Internet" or something equally stupid. Hrrrmph. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.0.58.19990924112627.018902c0>