Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

Re: Compare pf with IPTables

From: Aaron Cheek <aaron_cheek(at)yahoo.com>
Date: Sat Jan 04 2003 - 22:44:35 EST

>> it's for nothing more than information gathering,
and
>> why would anyone let ICMP through their firewall
anyway?)
> Because ping isn't evil.

Did you already forget about loki? A wonderful covert channel over "harmless" icmp ping messages.

http://www.phrack.org/show.php?p=49&a=6

I insist: if you don't need it, don't allow it.

Aaron
Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com Received on Sat Jan 4 22:46:29 2003

This message: [ Message body ]
Next message: MikeM: "Re: Compare pf with IPTables"
Previous message: Theo de Raadt: "Re: [OT]Re: Compare pf with IPTables"
Maybe in reply to: Bjorn: "Compare pf with IPTables"
In reply to Andrew Rucker Jones: "Re: Compare pf with IPTables"
Next in thread: Theo de Raadt: "Re: Compare pf with IPTables"
Reply: Theo de Raadt: "Re: Compare pf with IPTables"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:32:15 EDT

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library