Firewall Wizards mailing list archives
Re: a cutting-edge open-source network security project
From: Thomas Ptacek <tqbf () matasano com>
Date: Wed, 19 May 2010 12:00:12 -0500
You're right, but that's kind of a straightforwardly-solved problem, isn't it? Just park it behind SSH. The heresies involved in Travis' project are much more violent than the command/control channel. Interested in your real thoughts. On May 18, 2010, at 7:49 PM, Darren Reed wrote:
On 2/05/10 03:48 PM, travis+ml-firewalls () subspacefield org wrote:Quoting: http://www.subspacefield.org/security/dfd/... How do you authenticate connections to the dfd daemon? If all I need is netcat (as per the example in your web page above), then that doesn't speak too highly of the security of the daemon itself. Are you effectively giving all users that can connect to it root level privilege on the firewall? Darren _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
--- Thomas Ptacek // matasano security // founder, product manager read us on the web: http://chargen.matasano.com check out playbook: http://runplaybook.com reach me direct: 888-677-0666 x7805 "The truth will set you free. But not until it is finished with you."
Attachment:
smime.p7s
Description:
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- a cutting-edge open-source network security project travis+ml-firewalls (May 03)
- Re: a cutting-edge open-source network security project Frank Knobbe (May 06)
- Re: a cutting-edge open-source network security project ArkanoiD (May 07)
- Re: a cutting-edge open-source network security project travis+ml-firewalls (May 17)
- Re: a cutting-edge open-source network security project travis+ml-firewalls (May 07)
- Re: a cutting-edge open-source network security project ArkanoiD (May 07)
- Re: a cutting-edge open-source network security project Darren Reed (May 19)
- Re: a cutting-edge open-source network security project Thomas Ptacek (May 20)
- Re: a cutting-edge open-source network security project Darren Reed (May 20)
- Re: a cutting-edge open-source network security project Thomas Ptacek (May 20)
- Re: a cutting-edge open-source network security project Frank Knobbe (May 06)