[Gllug] My firewall is rooted

Stephen Harker steve at pauken.co.uk
Mon Jul 15 21:01:12 UTC 2002


On Monday 15 July 2002 21:04, tet at accucard.com wrote:
> refused to forward packets between interfaces, which is pretty terminal
> for a firewall :-) I *will* get round to upgrading at some point, but
> I'm not in a great hurry.
>
> Just curious -- what version was the compromised box running? The OpenBSD
> security advisories imply that 2.9 is secure, despite the fact that it's
> running sshd-2.9, which is theoretically one of the vulnerable ones...

It was 3.1. Just a vanilla install with 'everything' switched off in rc.conf
except sshd, syslog and cron. Plus ip.forwarding on and some pf and nat
rules.

I had only updated it because I figured 2.8 was a bit long in the tooth now,
but I should have done a bit of reading first, I guess! It had been sitting
there since Feb 2001 untouched, unhacked and, except for a power cut last
July, basically un-rebooted as well.

I did read somewhere that someone had ported Debian to the BSD kernel, or was
that apt-get to OpenBSD or some such combination? I must say, groovy though
Linux is, a Debian GNU/BSD based on OpenBSD would be my dream OS at the
moment. If that makes sense. OpenBSD system/kernel with apt-get packaging
tools.

Steve
-- 
Stephen Harker
steve at pauken.co.uk

"The sooner we fall behind, the longer we have to catch up!"


-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug



