Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: a cutting-edge open-source network security project

From: Thomas Ptacek <tqbf () matasano com>
Date: Wed, 19 May 2010 12:00:12 -0500
You're right, but that's kind of a straightforwardly-solved problem, isn't it? Just park it behind SSH. 

The heresies involved in Travis' project are much more violent than the command/control channel. Interested in your 
real thoughts.

On May 18, 2010, at 7:49 PM, Darren Reed wrote:


On  2/05/10 03:48 PM, travis+ml-firewalls () subspacefield org wrote:

Quoting:
http://www.subspacefield.org/security/dfd/


...

How do you authenticate connections to the dfd daemon?

If all I need is netcat (as per the example in your web
page above), then that doesn't speak too highly of the
security of the daemon itself.

Are you effectively giving all users that can connect
to it root level privilege on the firewall?

Darren

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



---
Thomas Ptacek // matasano security // founder, product manager
read us on the web: http://chargen.matasano.com
check out playbook: http://runplaybook.com
reach me direct: 888-677-0666 x7805

"The truth will set you free. But not until it is finished with you."

Attachment: smime.p7s
Description: 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: