The FreeBSD Diary

(TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.

FreeBSD Support

New Topic | Go to Top | Go to Topic | Search | Log In

Newer Topic | Older Topic

SECURITY HOLE IN FREEBSD IPFW

Author: elmer FUD
Date: 24-01-01 04:12

Just when you thought FreeBSD was better than Linux at firewalling.

http://www.bsdtoday.com/2001/January/Security393.html

"Remote attackers who construct TCP packets with the ECE flag set may bypass certain ipfw rules, allowing them to potentially circumvent the firewall."

Guess I'll have to boot Linux until I get this GAPING security hole fixed. F*ck!

Reply To This Message

Re: SECURITY HOLE IN FREEBSD IPFW

Author: JM
Date: 24-01-01 10:35

Actually, FUD, the patch was available before you posted. Too bad you can't get your facts straight.

See <a href="http://docs.freebsd.org/cgi/getmsg.cgi?fetch=0+0+current/freebsd-security-notifications">http://docs.freebsd.org/cgi/getmsg.cgi?fetch=0+0+current/freebsd-security-notifications</a>

Get away troll.

Reply To This Message

Re: SECURITY HOLE IN FREEBSD IPFW

Author: Don Brearley
Date: 24-01-01 15:05

haha thats the funniest thing ive seen all week.

- Don

Reply To This Message

Re: SECURITY HOLE IN FREEBSD IPFW

Author: el_kab0ng
Date: 24-01-01 15:42

hehehe...as much as we go off half cocked, though... even we can seem moronic at times. =/ (just trying to keep it civil - even though we all know FreeBSD 0wnz)

Reply To This Message

Re: SECURITY HOLE IN FREEBSD IPFW

Author: Jesse Ahrens
Date: 26-01-01 18:46

Or you could use ipfilter in addition to the ipfw rules.

Reply To This Message

Forum List | Threaded View

Newer Topic | Older Topic

How to get the most out of the forum