From owner-freebsd-security Sun Jul 16 13:37:10 2000 Delivered-To: freebsd-security@freebsd.org Received: from mail.utfors.se (mail.utfors.se [195.58.103.125]) by hub.freebsd.org (Postfix) with ESMTP id B3FB237B878 for ; Sun, 16 Jul 2000 13:37:05 -0700 (PDT) (envelope-from watchman@ludd.luth.se) Received: from ludd.luth.se (md4691477.utfors.se [212.105.20.119]) by mail.utfors.se (8.8.8/8.8.8) with ESMTP id WAA20203; Sun, 16 Jul 2000 22:36:53 +0200 (MET DST) Message-ID: <39721CE4.A8E681E9@ludd.luth.se> Date: Sun, 16 Jul 2000 22:36:52 +0200 From: Joachim =?iso-8859-1?Q?Str=F6mbergson?= Organization: Acne X-Mailer: Mozilla 4.72 [en] (X11; I; FreeBSD 4.0-STABLE i386) X-Accept-Language: en-US MIME-Version: 1.0 To: FreeBSD-SECURITY , Mark Murray Subject: Status of FreeBSD security work? Audit, regression and crypto swap? Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi! If my memory serves me right, Mark Murray started off a thread in Current about douing security audits of FreeBSD. This was around November 1999. I was too busy to keep track, but it went up on my 'check it out'-list. Now I seem to have a bit more time off and decided to see if I could be of some help to somebody. I subscribed to this list (FreeBSD-security) a few weeks back and hanged back to see if I could fathom the status of work from what came through the mailpipe. So far I've seen lots of, in some way of perspective, interesting mails, but not that much that seemed to relate to secutity audits. (1) So, what's the status of the FreeBSD security audit? Anything that could need a hand? Some other questions very much related to security: (2) I took a look at the OpenBSD sources (looked or browed - superficial in any case). Judging by what I saw, it seems that OpenBSD as part of it's source have a whole bunch of test cases for regression run purposes. I don't know what they stress, but from my HW-experience, regression runs are a great way to improve system quality. I know I do a buildworld on a regular basis after cvsupping, but that does not stress the whole system by a long shot. So, has anybody looked at the regression stuff for OpenBSD? Anything for FreeBSD? How is the FreeBSD system tested normally by folks out there? Can we do better? (3) OpenBSD 2.7 introduced crypto swap. After reading through mr Provos paper about crypto swap (and the stuff he found on his swap, among other things), I got interested in trying this out myself. Is anybody looking at this for FreeBSD? Would it be a good idea, anything of value for FreeBSD? Ok, lots of questions. If I have gone over the line, insulted anbody or missed the obvious, then I apologize right now. If so, please inform me by private email, but don't let me be the one causing the next 'DoS' in the maillist. ;-) -- Cheers! Joachim - Alltid i harmonisk svängning --- FairLight ------ FairLight ------ FairLight ------ FairLight --- Joachim Strömbergson ASIC SoC designer, nice to CUTE animals Phone: +46(0)31 - 27 98 47 Web: http://www.ludd.luth.se/~watchman --------------- Spamfodder: regeringen@regeringen.se --------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Jul 16 14:19:16 2000 Delivered-To: freebsd-security@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with SMTP id C00C637B73E for ; Sun, 16 Jul 2000 14:19:12 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 21499 invoked by uid 1000); 16 Jul 2000 21:19:10 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 16 Jul 2000 21:19:10 -0000 Date: Sun, 16 Jul 2000 16:19:10 -0500 (CDT) From: Mike Silbersack To: Joachim =?iso-8859-1?Q?Str=F6mbergson?= Cc: security@freebsd.org Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? In-Reply-To: <39721CE4.A8E681E9@ludd.luth.se> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, 16 Jul 2000, Joachim [iso-8859-1] Str=F6mbergson wrote: > (3) OpenBSD 2.7 introduced crypto swap. After reading through mr Provos > paper about crypto swap (and the stuff he found on his swap, among other > things), I got interested in trying this out myself. Is anybody looking > at this for FreeBSD? Would it be a good idea, anything of value for > FreeBSD? The idea does sound interesting. However, I can't find the paper you reference on the openbsd site. Where is it located? Thanks, Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Jul 16 15: 8:44 2000 Delivered-To: freebsd-security@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 92C6837B91F; Sun, 16 Jul 2000 15:08:39 -0700 (PDT) (envelope-from kris@FreeBSD.org) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id PAA88167; Sun, 16 Jul 2000 15:08:38 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Sun, 16 Jul 2000 15:08:38 -0700 (PDT) From: Kris Kennaway To: Joachim =?iso-8859-1?Q?Str=F6mbergson?= Cc: FreeBSD-SECURITY , Mark Murray Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? In-Reply-To: <39721CE4.A8E681E9@ludd.luth.se> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, 16 Jul 2000, Joachim [iso-8859-1] Str=F6mbergson wrote: > (1) So, what's the status of the FreeBSD security audit? Anything that > could need a hand? The mailing list is freebsd-audit - activity has dropped off significantly, but there is still a lot to be done. Check the archives for a list of outstanding problems. After 4.1-REL I'm going to try and re-marshal the troops and get some activity happening again. > Some other questions very much related to security: >=20 > (2) I took a look at the OpenBSD sources (looked or browed - superficial > in any case). Judging by what I saw, it seems that OpenBSD as part of > it's source have a whole bunch of test cases for regression run > purposes. I don't know what they stress, but from my HW-experience, > regression runs are a great way to improve system quality. I know I do a > buildworld on a regular basis after cvsupping, but that does not stress > the whole system by a long shot. So, has anybody looked at the > regression stuff for OpenBSD? Anything for FreeBSD? How is the FreeBSD > system tested normally by folks out there? Can we do better? Well, this isn't really related to security..and we don't have anything formal in place. Your efforts would be appreciated though. > (3) OpenBSD 2.7 introduced crypto swap. After reading through mr Provos > paper about crypto swap (and the stuff he found on his swap, among other > things), I got interested in trying this out myself. Is anybody looking > at this for FreeBSD? Would it be a good idea, anything of value for > FreeBSD? With some forthcoming changes by Poul-Henning Kamp it should be pretty easy to do..though it likely won't be back-ported to 4.x. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Jul 16 18:38:47 2000 Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id 2799E37B7E3 for ; Sun, 16 Jul 2000 18:38:37 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id TAA28084; Sun, 16 Jul 2000 19:38:16 -0600 (MDT) Message-Id: <4.3.2.7.2.20000716145126.049d4ba0@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Sun, 16 Jul 2000 19:37:54 -0600 To: Wes Peters From: Brett Glass Subject: Re: Two kinds of advisories? Cc: security@FreeBSD.ORG In-Reply-To: <397159C8.76E5E29@softweyr.com> References: <4.3.2.7.2.20000713132400.04b73af0@localhost> <4.3.2.7.2.20000713135632.04b63890@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Wes: I agree with everything you've said except for one point. At 12:44 AM 7/16/2000, Wes Peters wrote: >I'm not sure, Brett, that this would really help your situation that much. >>From the way you describe your clients, it seems they're probably not >capable of discerning the difference unless you spoon-feed it to them. >Maybe you could make a bar graph or a pie chart for them? ;^) I wish this would help! However, the situation is anaogous to being a doctor and fielding questions about general health matters. A patient scans the rack of magazines on the local newsstand or in the library and sees a headline on a medical journal: "Orange Juice Carcinogen Warning." He's not an idiot, but also realizes that he doesn't know enough to understand the jargon. So he asks YOU whether this affects him and relates to the particular brand of juice he drinks. That's similar to what's happening here. If the headline doesn't put a scare into the user/patient, everyone is better off. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Jul 16 18:52:12 2000 Delivered-To: freebsd-security@freebsd.org Received: from ares.trc.adelaide.edu.au (ares.trc.adelaide.edu.au [129.127.246.5]) by hub.freebsd.org (Postfix) with ESMTP id DFC7C37B836 for ; Sun, 16 Jul 2000 18:52:03 -0700 (PDT) (envelope-from glewis@ares.trc.adelaide.edu.au) Received: (from glewis@localhost) by ares.trc.adelaide.edu.au (8.9.3/8.9.3) id LAA94006; Mon, 17 Jul 2000 11:21:43 +0930 (CST) (envelope-from glewis) From: Greg Lewis Message-Id: <200007170151.LAA94006@ares.trc.adelaide.edu.au> Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? In-Reply-To: <39721CE4.A8E681E9@ludd.luth.se> from "Joachim [Str_mbergson]" at "Jul 16, 2000 10:36:52 pm" To: "Joachim [Str_mbergson]" Date: Mon, 17 Jul 2000 11:21:43 +0930 (CST) Cc: freebsd-security@freebsd.org X-Mailer: ELM [version 2.4ME+ PL70 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Joachim [Str_mbergson] wrote: > (1) So, what's the status of the FreeBSD security audit? Anything that > could need a hand? You need the freebsd-audit list :) > (3) OpenBSD 2.7 introduced crypto swap. After reading through mr Provos > paper about crypto swap (and the stuff he found on his swap, among other > things), I got interested in trying this out myself. Is anybody looking > at this for FreeBSD? Would it be a good idea, anything of value for > FreeBSD? I think the recent import of TCFS into OpenBSD is also fairly interesting. -- Greg Lewis glewis@trc.adelaide.edu.au Computing Officer +61 8 8303 5083 Teletraffic Research Centre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sun Jul 16 19: 8:23 2000 Delivered-To: freebsd-security@freebsd.org Received: from ns1.uscreativetypes.com (ns1.uscreativetypes.com [199.45.183.33]) by hub.freebsd.org (Postfix) with ESMTP id 33AD437B6AB for ; Sun, 16 Jul 2000 19:08:14 -0700 (PDT) (envelope-from joe@ns1.uscreativetypes.com) Received: from localhost (localhost [127.0.0.1]) by ns1.uscreativetypes.com (8.10.0/8.9.3) with ESMTP id e6H1exl52647; Sun, 16 Jul 2000 19:40:59 -0600 (MDT) (envelope-from joe@ns1.uscreativetypes.com) Date: Sun, 16 Jul 2000 19:40:59 -0600 (MDT) From: "Jumpin' Joe Schroedl" X-Sender: joe@localhost To: Brett Glass Cc: Wes Peters , freebsd-security@FreeBSD.ORG Subject: Re: Two kinds of advisories? In-Reply-To: <4.3.2.7.2.20000716145126.049d4ba0@localhost> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, 16 Jul 2000, Brett Glass wrote: > > I wish this would help! However, the situation is anaogous to being a > doctor and fielding questions about general health matters. A patient > scans the rack of magazines on the local newsstand or in the library > and sees a headline on a medical journal: "Orange Juice Carcinogen > Warning." He's not an idiot, but also realizes that he doesn't know > enough to understand the jargon. So he asks YOU whether this affects > him and relates to the particular brand of juice he drinks. > > That's similar to what's happening here. If the headline doesn't > put a scare into the user/patient, everyone is better off. > > --Brett > Brett: I disagree with your analogy to a point; I believe email is not analogous to a scanned headline on a local newstand -- the headline is not solicited by the viewer like email, nor is a headline intended to be clear. Instead, a headline is meant to grab attention. I think this is a better analogy: A doctor owns a Porsche (excuse my prejudice that every wealthy person drives a Porsche ;). One day, he recieves a letter in the mail from Porsche with the message printed on the envelope 'Important Recall Information Inside.' Now should the Doctor a) panic and call his mechanic or b) open the letter and *read* it. Common sense dictates that a 'Recall' message could mean anything from a 'not-so-cold' air conditioner to a serious safety defect. Although the letter may refer to parts he might not know he has (rack and peanut steering, zum beispiel), he still can understand the basic gist of the warning. Either way, most people would simply read the letter to find out, and then take the appropriate action. It comes down to this; a little knowledge is a dangerous thing. By subscribing your clients to securities lists, you are imparting them with only a little knowledge, a partial picture of the whole which they have no ability to fill in themselves. With this little knowledge they can really do more damage than good, and that damage you are experiencing personally in lost time and generally irritability. I think you should either desubscribe them to the respective securities lists, and then set up a list which you subscribe them to where you personally filter the info or how it is presented. Either that or draft some document which explains to them what the header message means (really, what a Port is) and when they should be concerned. In other words, (and not to be harsh), take responsibility for correcting a problem you yourself probably caused. Good luck. Joe > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 8:55:45 2000 Delivered-To: freebsd-security@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 500C837BA44 for ; Mon, 17 Jul 2000 08:54:21 -0700 (PDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id LAA02740; Mon, 17 Jul 2000 11:54:14 -0400 (EDT) (envelope-from wollman) Date: Mon, 17 Jul 2000 11:54:14 -0400 (EDT) From: Garrett Wollman Message-Id: <200007171554.LAA02740@khavrinen.lcs.mit.edu> To: Leif Neland Cc: security@FreeBSD.ORG Subject: Re: randomdev entropy gathering is really weak In-Reply-To: References: Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > If you can't reach a NTP server, you are not connected to the internet. In > that case you don't need to worry so much about security... Unless, of course, the reason your machine is not connected to the Internet is in order that it be able to provide some critical security functionality. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 9:35: 5 2000 Delivered-To: freebsd-security@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id E69AE37B8D6 for ; Mon, 17 Jul 2000 09:34:57 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id MAA44291; Mon, 17 Jul 2000 12:33:59 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Mon, 17 Jul 2000 12:33:58 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Garrett Wollman Cc: Leif Neland , security@FreeBSD.ORG Subject: Re: randomdev entropy gathering is really weak In-Reply-To: <200007171554.LAA02740@khavrinen.lcs.mit.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Ok, I missed whatever post prompted this, but I can certainly express opinions :-). On Mon, 17 Jul 2000, Garrett Wollman wrote: > < said: > > > If you can't reach a NTP server, you are not connected to the internet. In > > that case you don't need to worry so much about security... > > Unless, of course, the reason your machine is not connected to the > Internet is in order that it be able to provide some critical security > functionality. I concur. In fact, I am not so worried about what gets in -- stopping that is easy, it's preventing things from getting out. So it's easy for my to hypothesize a situation in which traffic, such as NTP, is specifically blocked from going out the door, yet there are still security concerns with incoming traffic and attackers. A multi-layered defense nees individual layers to remain resilient even in the face of the failure of preceeding layers. In fact, you can even imagine (pretty easily) attacks that involve cutting off accessing to remote time services. For example, in Kerberos environments, limiting access to time services can be a potent attack, both from the DoS perspective, and pushing custom applications outside of their normal operation bounds (as well as operators, who do bizarre things when faced with failures, like try to make use of unencrypted login when encrypted login fails). As well as attacks against NFS with drifting clocks that result in improper behavior, same with digital signatures and certificates. So without knowledge of the context, there are limited claims I can make about the accuracy of the statement, but in the broad case (and specifically my environment), I'd say that security services should use NTP when available, but failing when it is not is not a good thing :-) Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 9:57: 2 2000 Delivered-To: freebsd-security@freebsd.org Received: from haldjas.folklore.ee (Haldjas.folklore.ee [193.40.6.121]) by hub.freebsd.org (Postfix) with ESMTP id DA84237B6F7; Mon, 17 Jul 2000 09:56:56 -0700 (PDT) (envelope-from narvi@haldjas.folklore.ee) Received: from localhost (narvi@localhost) by haldjas.folklore.ee (8.9.3/8.9.3) with SMTP id SAA58794; Mon, 17 Jul 2000 18:56:52 +0200 (EET) (envelope-from narvi@haldjas.folklore.ee) Date: Mon, 17 Jul 2000 18:56:51 +0200 (EET) From: Narvi To: Robert Watson Cc: Brett Glass , Susie Ward , security@FreeBSD.ORG Subject: Re: Two kinds of advisories? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 13 Jul 2000, Robert Watson wrote: Well, I am somwhat behind the time reading lists for the moment, but: > > Here's a recent sample: > > Subject: FreeBSD Ports Security Advisory: FreeBSD-SA-00:29.wu-ftpd > Maybe reformating these to read: Subject: Ports Security Advisory FreeBSD-SA-00:29.wu-ftpd (FreeBSD) and for "freebsd proper" Subject: System Security Advisory FreeBSD-SA-**** (FreeBSD) would make it easier for these kinds of people? > > Robert N M Watson > > robert@fledge.watson.org http://www.watson.org/~robert/ > PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 > TIS Labs at Network Associates, Safeport Network Services > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 10: 2:33 2000 Delivered-To: freebsd-security@freebsd.org Received: from haldjas.folklore.ee (Haldjas.folklore.ee [193.40.6.121]) by hub.freebsd.org (Postfix) with ESMTP id 53D6437B5CC for ; Mon, 17 Jul 2000 10:02:30 -0700 (PDT) (envelope-from narvi@haldjas.folklore.ee) Received: from localhost (narvi@localhost) by haldjas.folklore.ee (8.9.3/8.9.3) with SMTP id TAA58825; Mon, 17 Jul 2000 19:01:42 +0200 (EET) (envelope-from narvi@haldjas.folklore.ee) Date: Mon, 17 Jul 2000 19:01:42 +0200 (EET) From: Narvi To: Wes Peters Cc: Brett Glass , "David G. Andersen" , security@FreeBSD.ORG Subject: Re: Two kinds of advisories? In-Reply-To: <396E253C.A07A93D7@softweyr.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 13 Jul 2000, Wes Peters wrote: > Brett Glass wrote: > > > > Many of them don't read the disclaimers because they're scanning the > > subject lines. When they see one with "FreeBSD" in it, some of them > > call in a panic. They often don't read the message because they > > believe that they won't understand it. > > > > Yes, I know, it'd be nice if they weren't so clueless about computer > > security and FreeBSD, but then, they're experts in their own fields, > > which WE don't know much about. Instead of writing them off, why > > not make the subject lines clearer? > > Why not just educate them to RTFMessage? They clearly say "FreeBSD ports", > all you need to do is educate them about what that means. > But: 'FreeBSD ports' in there might just aswell mean ports *OF* FreeBSD. Yes, there is just one other (alpha) at the moment. > -- > "Where am I, and what am I doing in this handbasket?" > > Wes Peters Softweyr LLC > wes@softweyr.com http://softweyr.com/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 10: 4:33 2000 Delivered-To: freebsd-security@freebsd.org Received: from haldjas.folklore.ee (Haldjas.folklore.ee [193.40.6.121]) by hub.freebsd.org (Postfix) with ESMTP id 98EA037B9BE for ; Mon, 17 Jul 2000 10:04:29 -0700 (PDT) (envelope-from narvi@haldjas.folklore.ee) Received: from localhost (narvi@localhost) by haldjas.folklore.ee (8.9.3/8.9.3) with SMTP id TAA58868; Mon, 17 Jul 2000 19:04:13 +0200 (EET) (envelope-from narvi@haldjas.folklore.ee) Date: Mon, 17 Jul 2000 19:04:13 +0200 (EET) From: Narvi To: Justin Wolf Cc: security@FreeBSD.ORG Subject: Re: Displacement of Blame[tm] In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 13 Jul 2000, Justin Wolf wrote: > Maybe I missed it in this really long thread somewhere, but why do we have > to say that it concerns FreeBSD at all? If it's a bug/hole in a port, it > has nothing to do with FreeBSD except for the fact that the user MAY have > installed this port, which of course comes from a third party, but was > compiled by the FreeBSD organization. > Because the ports/packages are on the CDs. As "we" distribute them, it is only nice "we" acknowlege an inform people of the vulnerabilities. "We" being the project in this case, I guess. [snip] > -Justin > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 10:20:11 2000 Delivered-To: freebsd-security@freebsd.org Received: from haldjas.folklore.ee (Haldjas.folklore.ee [193.40.6.121]) by hub.freebsd.org (Postfix) with ESMTP id EF76037BA9F for ; Mon, 17 Jul 2000 10:20:04 -0700 (PDT) (envelope-from narvi@haldjas.folklore.ee) Received: from localhost (narvi@localhost) by haldjas.folklore.ee (8.9.3/8.9.3) with SMTP id TAA59097; Mon, 17 Jul 2000 19:19:54 +0200 (EET) (envelope-from narvi@haldjas.folklore.ee) Date: Mon, 17 Jul 2000 19:19:54 +0200 (EET) From: Narvi To: Justin Wolf Cc: security@FreeBSD.ORG Subject: Re: Displacement of Blame[tm] In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 13 Jul 2000, Justin Wolf wrote: > > 1. The method that the person recieves the at risk program is from > > FreeBSD. IE: I installed it from the ports collection. While the > > software it's self is not developed by FreeBSD, the distribution > > method is. I imagine this is something similar to Toys'R'Us removing > > a dangerous toy from their shelves and telling the whole world about > > it. Toys'R'us didn't make they toy, but there are responsible for > > making it available to the portion of the public that shops there. > > Everyone know's Toys 'R' Us doesn't make toys, so it can be assumed it's > not their fault the toy was dangerous. FBSD does, however, make > software. So the distinction is a little more blurred (nevermind the > fact that FBSD is an OS and the ports are applications... this is a little > too gray of an area for most users - I know some people who think Word is > an OS). > I'm sure Toys'R'Us doesn't stand a chance in a court if a child chokes on details of a toy bought from Toys'R'Us and it did not have the "Not suitable for children under X years" sign. Not giving out the ports advisories would be extremely bad perfomance - and I really doubt that's what is in question. > > -Justin > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 10:30:11 2000 Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id 6EECE37BA60 for ; Mon, 17 Jul 2000 10:30:06 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id LAA04553; Mon, 17 Jul 2000 11:29:29 -0600 (MDT) Message-Id: <4.3.2.7.2.20000717112703.04ce6250@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Mon, 17 Jul 2000 11:29:21 -0600 To: "Jumpin' Joe Schroedl" From: Brett Glass Subject: Re: Two kinds of advisories? Cc: Wes Peters , freebsd-security@FreeBSD.ORG In-Reply-To: References: <4.3.2.7.2.20000716145126.049d4ba0@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 07:40 PM 7/16/2000, Jumpin' Joe Schroedl wrote: >A doctor owns a Porsche (excuse my prejudice that every wealthy person >drives a Porsche ;). One day, he recieves a letter in the mail from >Porsche with the message printed on the envelope 'Important Recall >Information Inside.' Now should the Doctor a) panic and call his mechanic >or b) open the letter and *read* it. Common sense dictates that a >'Recall' message could mean anything from a 'not-so-cold' air conditioner >to a serious safety defect. Whatever happens, though, the word will get out that Porsche is issuing recall notices, and it will hurt their brand. That's one of the effects we're seeing here. What's more, it can be fixed by reformatting ONE LINE of each advisory in a way that simply makes it more clear where the problem lies. Making things more clear never hurts, IMHO. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 14:44:48 2000 Delivered-To: freebsd-security@freebsd.org Received: from mail.utfors.se (mail.utfors.se [195.58.103.125]) by hub.freebsd.org (Postfix) with ESMTP id 1EBF937B585 for ; Mon, 17 Jul 2000 14:44:42 -0700 (PDT) (envelope-from watchman@ludd.luth.se) Received: from ludd.luth.se (md46928fb.utfors.se [212.105.40.251]) by mail.utfors.se (8.8.8/8.8.8) with ESMTP id XAA22255 for ; Mon, 17 Jul 2000 23:44:38 +0200 (MET DST) Message-ID: <39737E45.BBA1BA16@ludd.luth.se> Date: Mon, 17 Jul 2000 23:44:37 +0200 From: Joachim =?iso-8859-1?Q?Str=F6mbergson?= Organization: Acne X-Mailer: Mozilla 4.72 [en] (X11; I; FreeBSD 4.0-STABLE i386) X-Accept-Language: en-US MIME-Version: 1.0 To: FreeBSD-SECURITY Subject: More about crypto swap, regression and audits. Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Aloha! Thanks all for the many great responses. In this mail I'll try to give some references some thoughts on a strategy and some other stuff. Judging by the comments, there actually seems to be a few things I could play with that might turn out to be of some use for FreeBSD. Good. ;-) (1) The FreeBSD Audit. > You need the freebsd-audit list :) Thanks. I'll sign up for it... Done. I'll check it out, both the list and the archives. I look forward to Kris ralleying the troops for it. (2) Regression I believe that quality assurance is part of verifying that old, hunted bugs aren't reintroduced, new problems have appeared and so on between updates. We use this model at work to verify for example that our tools behave as expected after we have gotten an upgrade/bugfix. Therefore I feel it relates to security stuff (somehow). Anyway, I will try to talk to the OpenBSD folks to see if I can fathom the regression stuff they have, what they stress, the rationale for it and so on. Then I'll if I can move parts of it to FreeBSD. Sounds good? Should I report back to this list or some other list about this? (3) Crypto swap This seemed to be interesting. Several of you responded about references to articles. Ok, the author of the crypto swap stuff in FreeBSD is a PhD Student and hacker named Niels Provos. He has written some articles with Theo et al that can be found on the http://www.openbsd.org crypto pages. I searched on Niels and by digging around (this could almost be considered as security by obscurity) I found links to the crypto swap paper at the bottom of his CV page. Check out: Niels home page: http://www.citi.umich.edu/u/provos/ His CV page http://www.citi.umich.edu/u/provos/cv.html Crypto Swap paper: http://www.citi.umich.edu/techreports/reports/citi-tr-00-3.ps.gz I found some presentation slides earlier (at work), but can't seem to find them right now. I'll check tomorrow and get back to the list with it. It might also be interesting to read some of the other articles, like the overview of the OpenBSD crypto stuff To answer some of the questions raised about crypto swap. Niels (as reported in the paper) found his own password, an old password, emails, PGP-phrases and other goodies on the swap. In plaintext. The cost of the crypto is amortized and not "that bad" according to the paper. Still, there is a performance hit for running it, and we should probably do what OpenBSD are doing. That is, having crypto swap as a kernel option. Anyway. My current plans/ideas for investigating crypto swap right now are: (I) Get in touch with Niels to get the source and talk with him about my thoughts and so on. I don't want to step on any toes in either project here. I want the OpenBSD folks to know that I, as a wild and crazy (FreeBSD) guy, is interested in what they have done. The target here is to understand the way their implementation is built, where entry points, interfaces to the rest of the system are, requirements and so on. Sounds ok? (II) According to Kris, Poul-Henning Kamp is buzy doing magical things that might affect/relate to the crypto swap stuff. Therefore, I'll drop him a mail too and see what he thinks I should look out for. Ok? That's my general plan right now. Lots of info gathering at the moment. I'll try to do this the next week or so, try to analyze the stuff, and if anybody is interested, try to write up a summary of it. Warning/disclaimer: I'm (or was) a pretty good programmer - but not in C. (My background is a many-years assembler hacker turned into processor architect and ASIC SoC engineer... With some affection for OO programming thrown in for kicks). Also, I'm not familiar with the FreeBSD-style, the methodology for hacking for FreeBSD or so. Therefor, I'll try to do what I think is correct. I'm probably going to have to ask random questions. When I have something to show (plans, stubs, code snippets - even an implementation) I will need help to check it out. In other words, I'll try my best, but don't expect magic code, ok? If anybody thinks I'm out on the loose - plese stop me, otherwise I'm off like a... very fast snail? -- Cheers! Joachim - Alltid i harmonisk svängning --- FairLight ------ FairLight ------ FairLight ------ FairLight --- Joachim Strömbergson ASIC SoC designer, nice to CUTE animals Phone: +46(0)31 - 27 98 47 Web: http://www.ludd.luth.se/~watchman --------------- Spamfodder: regeringen@regeringen.se --------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 14:50:28 2000 Delivered-To: freebsd-security@freebsd.org Received: from mail.utfors.se (mail.utfors.se [195.58.103.125]) by hub.freebsd.org (Postfix) with ESMTP id DA21C37B57F for ; Mon, 17 Jul 2000 14:50:19 -0700 (PDT) (envelope-from watchman@ludd.luth.se) Received: from ludd.luth.se (md46928fb.utfors.se [212.105.40.251]) by mail.utfors.se (8.8.8/8.8.8) with ESMTP id XAA22407; Mon, 17 Jul 2000 23:49:40 +0200 (MET DST) Message-ID: <39737F73.5F0D952A@ludd.luth.se> Date: Mon, 17 Jul 2000 23:49:39 +0200 From: Joachim =?iso-8859-1?Q?Str=F6mbergson?= Organization: Acne X-Mailer: Mozilla 4.72 [en] (X11; I; FreeBSD 4.0-STABLE i386) X-Accept-Language: en-US MIME-Version: 1.0 To: Greg Lewis Cc: freebsd-security@freebsd.org Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? References: <200007170151.LAA94006@ares.trc.adelaide.edu.au> Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi! Greg Lewis wrote: > I think the recent import of TCFS into OpenBSD > is also fairly interesting. Pretty kewl! Is anybody looking at trying it out for FreeBSD? -- Cheers! Joachim - Alltid i harmonisk svängning --- FairLight ------ FairLight ------ FairLight ------ FairLight --- Joachim Strömbergson ASIC SoC designer, nice to CUTE animals Phone: +46(0)31 - 27 98 47 Web: http://www.ludd.luth.se/~watchman --------------- Spamfodder: regeringen@regeringen.se --------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 16:25: 5 2000 Delivered-To: freebsd-security@freebsd.org Received: from nighthawk.sc2000.net (nighthawk.sc2000.net [205.247.104.22]) by hub.freebsd.org (Postfix) with ESMTP id 0894337B729 for ; Mon, 17 Jul 2000 16:25:01 -0700 (PDT) (envelope-from blakjak@sc2000.net) Received: from sc2000.net (blakjak.sc2000.net [208.5.239.46]) by nighthawk.sc2000.net (8.9.3/8.9.3) with ESMTP id SAA20798 for ; Mon, 17 Jul 2000 18:28:06 -0500 (CDT) Message-ID: <397397F4.842B8488@sc2000.net> Date: Mon, 17 Jul 2000 18:34:12 -0500 From: Stan X-Mailer: Mozilla 4.73 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: security@FreeBSD.ORG Subject: Re: References: <4.3.2.7.2.20000713132400.04b73af0@localhost> <4.3.2.7.2.20000713135632.04b63890@localhost> <4.3.2.7.2.20000716145126.049d4ba0@localhost> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org /* useless complaining/flaming/bickering/however you dismiss it */ > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message It took less than 2 weeks after subscribing to this mailing list... If there a serious mailing list/newsgroup for FreeBSD (preferably moderated), please email me personally. Many thanks to the FreeBSD.org team and all those that contributed useful info. Stan Otken blakjak@sc2000.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 19:21:21 2000 Delivered-To: freebsd-security@freebsd.org Received: from mail.gmx.net (pop.gmx.net [194.221.183.20]) by hub.freebsd.org (Postfix) with SMTP id DD2F437B845 for ; Mon, 17 Jul 2000 19:21:15 -0700 (PDT) (envelope-from Gerhard.Sittig@gmx.net) Received: (qmail 31725 invoked by uid 0); 18 Jul 2000 02:21:11 -0000 Received: from p3e9d5152.dip.t-dialin.net (HELO speedy.gsinet) (62.157.81.82) by mail.gmx.net with SMTP; 18 Jul 2000 02:21:11 -0000 Received: (from sittig@localhost) by speedy.gsinet (8.8.8/8.8.8) id WAA07940 for freebsd-security@FreeBSD.ORG; Mon, 17 Jul 2000 22:17:53 +0200 Date: Mon, 17 Jul 2000 22:17:53 +0200 From: Gerhard Sittig To: freebsd-security@FreeBSD.ORG Subject: Re: Two kinds of advisories? Message-ID: <20000717221753.C24476@speedy.gsinet> Mail-Followup-To: freebsd-security@FreeBSD.ORG References: <4.3.2.7.2.20000716145126.049d4ba0@localhost> <4.3.2.7.2.20000717112703.04ce6250@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <4.3.2.7.2.20000717112703.04ce6250@localhost>; from brett@lariat.org on Mon, Jul 17, 2000 at 11:29:21AM -0600 Organization: System Defenestrators Inc. Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Jul 17, 2000 at 11:29 -0600, Brett Glass wrote: > At 07:40 PM 7/16/2000, Jumpin' Joe Schroedl wrote: > > >A doctor owns a Porsche (excuse my prejudice that every > >wealthy person drives a Porsche ;). One day, he recieves a > >letter in the mail from Porsche with the message printed on > >the envelope 'Important Recall Information Inside.' Now > >should the Doctor a) panic and call his mechanic or b) open > >the letter and *read* it. Common sense dictates that a > >'Recall' message could mean anything from a 'not-so-cold' air > >conditioner to a serious safety defect. > > Whatever happens, though, the word will get out that Porsche is > issuing recall notices, and it will hurt their brand. That's > one of the effects we're seeing here. This thread turns out to run in rings around and around. If one fails to make clear that public problem reports are a means of saying "I *do* care" one fights an already lost battle. Do you really believe in "the ones who don't fix bugs (or never admit to have made mistakes) didn't fail"? Is it that hard to transport to your clients and prove "when there's no fix it's not a bug" wrong with real life examples of broken software? > What's more, it can be fixed by reformatting ONE LINE of each > advisory in a way that simply makes it more clear where the > problem lies. Making things more clear never hurts, IMHO. As long as we're talking about people who take 'grep -c $SYSTEM' output as a criterion without reading or respecting context, how are they supposed to get the message? The disclaimer is there. What else would it take to make them see it? Rearranging words won't differ in 'grep -c' results (or in the reception at the equally minded reader). Do we need sprinkling unsubscribe instructions over the subject and the message bodies' start and middle for those who don't scan footers for those things? I don't think so. The ones who can read already get the message. The others simply can't be helped, no matter how hard you try. virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 20: 0: 4 2000 Delivered-To: freebsd-security@freebsd.org Received: from mail.appliedcard.com (mail.appliedcard.com [207.43.202.218]) by hub.freebsd.org (Postfix) with ESMTP id 146B837B8BB for ; Mon, 17 Jul 2000 20:00:01 -0700 (PDT) (envelope-from Francisco_Izquierdo@appliedcard.com) Received: from bocafwl1.appliedcard.com ([207.43.202.217]) by mail.appliedcard.com (Lotus Domino Release 5.0.2a) with SMTP id 2000071722591050:54628 ; Mon, 17 Jul 2000 22:59:10 -0400 Subject: Secured access To: freebsd-security@freebsd.org X-Mailer: Lotus Notes Release 5.0.2c February 2, 2000 Message-ID: From: Francisco_Izquierdo@appliedcard.com Date: Mon, 17 Jul 2000 22:59:14 -0400 MIME-Version: 1.0 X-MIMETrack: Serialize by Router on BocaRaton1/WILM/ACS(Release 5.0.3 |March 21, 2000) at 07/17/2000 10:59:15 PM, Itemize by SMTP Server on BocaRaton4/WILM/ACS(Release 5.0.2a |November 23, 1999) at 07/17/2000 10:59:10 PM, Serialize by Router on BocaRaton4/WILM/ACS(Release 5.0.2a |November 23, 1999) at 07/17/2000 10:59:14 PM, Serialize complete at 07/17/2000 10:59:14 PM Content-type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have been following this list for a while, and it seems to me this is the right place to pose this question. I have to place a server outside a firewall, unprotected out on the net. I also have to grant telnet access to some users. I would like to limit what access the users have to the machine to just telnet and ftp. I also would like to prevent them from doing anything unauthorized on the server. I understand there are solutions like jail, chroot and rsh. SSH is a possibility as alternative access to telnet, but it still does not tell me how to lock a user in a sandbox. I need to have the users stay in this sandbox even when they are using programs that allow shell escapes, such as vi. Which methods would you use to secure your own box if it was available to anyone without any firewall protection? Regards, Francisco Izquierdo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Mon Jul 17 21:19:27 2000 Delivered-To: freebsd-security@freebsd.org Received: from bsdhome.dyndns.org (rdu25-22-120.nc.rr.com [24.25.22.120]) by hub.freebsd.org (Postfix) with ESMTP id BAD3337B601 for ; Mon, 17 Jul 2000 21:19:23 -0700 (PDT) (envelope-from bsd@bsdhome.com) Received: from vger.bsdhome.com (vger [192.168.220.2]) by bsdhome.dyndns.org (8.9.3/8.9.3) with ESMTP id AAA13005; Tue, 18 Jul 2000 00:19:12 -0400 (EDT) (envelope-from bsd@bsdhome.com) Received: from localhost (bsd@localhost) by vger.bsdhome.com (8.9.3/8.9.3) with ESMTP id AAA48583; Tue, 18 Jul 2000 00:19:12 -0400 (EDT) (envelope-from bsd@vger.bsdhome.com) Date: Tue, 18 Jul 2000 00:19:12 -0400 (EDT) From: Brian Dean To: George.Giles@mcmail.vanderbilt.edu Cc: freebsd-security@FreeBSD.ORG Subject: Re: Firewall allows smtp In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 14 Jul 2000 George.Giles@mcmail.vanderbilt.edu wrote: > My firewall is below. I thought this would only allow ssh in, and anything > local out. SMTP still works even though I think it should be denied. > > Please advise. > > # set these to your outside interface network and netmask and ip > oif="mx0" > onet="24.2.119.0" > omask="255.255.255.0" > oip="X.X.X.X" <- hide the guilty > > # set these to your inside interface network and netmask and ip > iif="mx1" > inet="10.0.0.0" > imask="255.255.255.0" > iip="10.0.0.1" > > # Allow inside out > $fwcmd add divert natd all from any to any via ${oif} > $fwcmd add pass all from any to any The above rule seems to be allowing everything in and out. Turn on logging and verify that this rule gets used when you connect to port 25 (or any other port for that matter). -Brian > > # Stop spoofing > $fwcmd add deny all from ${inet}:${imask} to any in via ${oif} > $fwcmd add deny all from ${onet}:${omask} to any in via ${iif} > > # Stop RFC1918 nets on the outside interface > $fwcmd add deny all from 192.168.0.0:255.255.0.0 to any via ${oif} > $fwcmd add deny all from any to 192.168.0.0:255.255.0.0 via ${oif} > $fwcmd add deny all from 172.16.0.0:255.240.0.0 to any via ${oif} > $fwcmd add deny all from any to 172.16.0.0:255.240.0.0 via ${oif} > $fwcmd add deny all from 10.0.0.0:255.0.0.0 to any via ${oif} > $fwcmd add deny all from any to 10.0.0.0:255.0.0.0 via ${oif} > > # Allow TCP through if setup succeeded > #$fwcmd add pass tcp from any to any established > > # SSH only. > $fwcmd add pass tcp from any to ${oip} 22 setup > > # Allow setup of incoming email > #$fwcmd add pass tcp from any to ${oip} 25 setup > > # Reject&Log all setup of incoming connections from the outside > $fwcmd add deny log tcp from any to any in via ${oif} setup To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Jul 18 1: 5: 9 2000 Delivered-To: freebsd-security@freebsd.org Received: from axl.ops.uunet.co.za (axl.ops.uunet.co.za [196.31.2.163]) by hub.freebsd.org (Postfix) with ESMTP id A4DB537BC7E for ; Tue, 18 Jul 2000 01:05:02 -0700 (PDT) (envelope-from sheldonh@axl.ops.uunet.co.za) Received: from sheldonh (helo=axl.ops.uunet.co.za) by axl.ops.uunet.co.za with local-esmtp (Exim 3.15 #1) id 13ESMY-000BXX-00; Tue, 18 Jul 2000 10:04:22 +0200 From: Sheldon Hearn To: Joachim =?iso-8859-1?Q?Str=F6mbergson?= Cc: Greg Lewis , freebsd-security@FreeBSD.ORG Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? In-reply-to: Your message of "Mon, 17 Jul 2000 23:49:39 +0200." <39737F73.5F0D952A@ludd.luth.se> Date: Tue, 18 Jul 2000 10:04:22 +0200 Message-ID: <44362.963907462@axl.ops.uunet.co.za> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 17 Jul 2000 23:49:39 +0200, Joachim =?iso-8859-1?Q?Str=F6mbergson?= wro te: > Greg Lewis wrote: > > I think the recent import of TCFS into OpenBSD > > is also fairly interesting. > > Pretty kewl! Is anybody looking at trying it out for FreeBSD? Is it really cool? I've always thought that crypted swap is a waste of time, given the fact that access to the swap device implies far more serious problems already. Now that we have a reference to Niels' paper, though, we can see what his motivation for developing this was. We should definitely not even consider this until we're sure it's useful. I'd hate to introduce source just for the purposes of keeping our bullet list as long as OpenBSD's. :-) Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Jul 18 1:33: 0 2000 Delivered-To: freebsd-security@freebsd.org Received: from ares.trc.adelaide.edu.au (ares.trc.adelaide.edu.au [129.127.246.5]) by hub.freebsd.org (Postfix) with ESMTP id 733ED37BC49 for ; Tue, 18 Jul 2000 01:32:56 -0700 (PDT) (envelope-from glewis@ares.trc.adelaide.edu.au) Received: (from glewis@localhost) by ares.trc.adelaide.edu.au (8.9.3/8.9.3) id SAA19199; Tue, 18 Jul 2000 18:02:28 +0930 (CST) (envelope-from glewis) From: Greg Lewis Message-Id: <200007180832.SAA19199@ares.trc.adelaide.edu.au> Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? In-Reply-To: <44362.963907462@axl.ops.uunet.co.za> from Sheldon Hearn at "Jul 18, 2000 10:04:22 am" To: Sheldon Hearn Date: Tue, 18 Jul 2000 18:02:28 +0930 (CST) Cc: "Joachim [Str_mbergson]" , Greg Lewis , freebsd-security@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL70 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Sheldon Hearn wrote: > On Mon, 17 Jul 2000 23:49:39 +0200, Joachim =?iso-8859-1?Q?Str=F6mbergson?= wro > te: > > Greg Lewis wrote: > > > I think the recent import of TCFS into OpenBSD > > > is also fairly interesting. > > > > Pretty kewl! Is anybody looking at trying it out for FreeBSD? > > Is it really cool? I've always thought that crypted swap is a waste of > time, given the fact that access to the swap device implies far more > serious problems already. Now that we have a reference to Niels' paper, > though, we can see what his motivation for developing this was. Hmmm, I think you've gotten off the track a bit :). While Joachim's initial comment was about encrypted swap, I was pointing out that TCFS was also an interesting feature that had recently been added to OpenBSD. Its a crytographic replacement for NFS. There are patches for both OpenBSD and NetBSD at the TCFS web site but not FreeBSD unfortunately. > We should definitely not even consider this until we're sure it's > useful. I'd hate to introduce source just for the purposes of keeping > our bullet list as long as OpenBSD's. :-) This applies equally as well to TCFS :). I think its worth investigating, and plan to do so if I get time at one point :). -- Greg Lewis glewis@trc.adelaide.edu.au Computing Officer +61 8 8303 5083 Teletraffic Research Centre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Jul 18 1:35:51 2000 Delivered-To: freebsd-security@freebsd.org Received: from axl.ops.uunet.co.za (axl.ops.uunet.co.za [196.31.2.163]) by hub.freebsd.org (Postfix) with ESMTP id BBB3337BCA5 for ; Tue, 18 Jul 2000 01:35:45 -0700 (PDT) (envelope-from sheldonh@axl.ops.uunet.co.za) Received: from sheldonh (helo=axl.ops.uunet.co.za) by axl.ops.uunet.co.za with local-esmtp (Exim 3.15 #1) id 13ESqY-000Bxy-00; Tue, 18 Jul 2000 10:35:22 +0200 From: Sheldon Hearn To: Greg Lewis Cc: "Joachim [Str_mbergson]" , freebsd-security@FreeBSD.ORG Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? In-reply-to: Your message of "Tue, 18 Jul 2000 18:02:28 +0930." <200007180832.SAA19199@ares.trc.adelaide.edu.au> Date: Tue, 18 Jul 2000 10:35:22 +0200 Message-ID: <46001.963909322@axl.ops.uunet.co.za> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 18 Jul 2000 18:02:28 +0930, Greg Lewis wrote: > Hmmm, I think you've gotten off the track a bit :). While Joachim's > initial comment was about encrypted swap, I was pointing out that TCFS > was also an interesting feature that had recently been added to OpenBSD. Ah yes, I _am_ getting side-tracked. :-) Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Jul 18 5:28:52 2000 Delivered-To: freebsd-security@freebsd.org Received: from smtp.pace.edu (ntutil.pace.edu [205.232.111.9]) by hub.freebsd.org (Postfix) with ESMTP id 7AE9E37B9CC; Tue, 18 Jul 2000 05:28:47 -0700 (PDT) (envelope-from js43064n@stmail.pace.edu) Received: from stmail.pace.edu (205.232.111.7:4448) by smtp.pace.edu (LSMTP for Windows NT v1.1b) with SMTP id <0.A80D3D41@smtp.pace.edu>; Tue, 18 Jul 2000 8:28:46 -0400 Date: Tue, 18 Jul 2000 08:28:45 -0400 Message-Id: <200007180828.AA948372002@stmail.pace.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii From: "Jonathan Slivko" Reply-To: To: Cc: Subject: 3.5 vs. 4.0 X-Mailer: Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Does anyone here have any comments regarding the stability and out of the box bugginess of FreeBSD 4.0 as opposed to FreeBSD 3.5? I would like to point out that the machine is a P133 with 32MB of RAM and 128 swap space. This machine will be primarily used as a webserver for a small to medium-sized ISP. Thanks in advance for all your input. Thanks. -- Jonathan M. Slivko -- ----------------------------------------------------------- Jonathan M. Slivko President, Technical Support, Simple Hosting Solutions Pager #: (917) 388-5304 (24 Hours/Day) "The comments I make are my own, not those of my employer!" -- WildThang (wildthang@undernet.org) ----------------------------------------------------------- -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Jul 18 5:45:16 2000 Delivered-To: freebsd-security@freebsd.org Received: from pawn.primelocation.net (pawn.primelocation.net [205.161.238.235]) by hub.freebsd.org (Postfix) with ESMTP id 6807637BDA2; Tue, 18 Jul 2000 05:45:13 -0700 (PDT) (envelope-from jedgar@fxp.org) Received: by pawn.primelocation.net (Postfix, from userid 1016) id A693A9B1C; Tue, 18 Jul 2000 08:45:12 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by pawn.primelocation.net (Postfix) with ESMTP id 96730BA11; Tue, 18 Jul 2000 08:45:12 -0400 (EDT) Date: Tue, 18 Jul 2000 08:45:12 -0400 (EDT) From: "Chris D. Faulhaber" X-Sender: cdf.lists@pawn.primelocation.net To: Jonathan Slivko Cc: freebsd-security@freebsd.org, freebsd-isp@freebsd.org Subject: Re: 3.5 vs. 4.0 In-Reply-To: <200007180828.AA948372002@stmail.pace.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 18 Jul 2000, Jonathan Slivko wrote: > Does anyone here have any comments regarding the stability and out of the box bugginess of FreeBSD 4.0 as opposed to FreeBSD 3.5? I would like to point out that the machine is a P133 with 32MB of RAM and 128 swap space. This machine will be primarily used as a webserver for a small to medium-sized ISP. Thanks in advance for all your input. Thanks. > Wait a few days for 4.1-RELEASE...it should be quite good. ----- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Jul 18 5:48:27 2000 Delivered-To: freebsd-security@freebsd.org Received: from smtp.pace.edu (ntutil.pace.edu [205.232.111.9]) by hub.freebsd.org (Postfix) with ESMTP id 1517337BDA2; Tue, 18 Jul 2000 05:48:23 -0700 (PDT) (envelope-from js43064n@stmail.pace.edu) Received: from stmail.pace.edu (205.232.111.7:4595) by smtp.pace.edu (LSMTP for Windows NT v1.1b) with SMTP id <0.A80D3E83@smtp.pace.edu>; Tue, 18 Jul 2000 8:48:22 -0400 Date: Tue, 18 Jul 2000 08:48:21 -0400 Message-Id: <200007180848.AA953418274@stmail.pace.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii From: "Jonathan Slivko" Reply-To: To: "Chris D. Faulhaber" Cc: "FreeBSD ISP Mailing List" , "FreeBSD Security Mailing List" Subject: Re: 3.5 vs. 4.0 X-Mailer: Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org And what are the new features in that release that I should be waiting for that are not present in FreeBSD 3.5 or 4.0? Also, do you know where I can get the -STABLE tree for 3.5? I wanna update my systems to it. I will not run anything on my production machines that is not -STABLE if there is a -STABLE tree available. Thanks. If someone could send me a cvsup file with all the required information, I would be most appreciative. ---------- Original Message ---------------------------------- From: "Chris D. Faulhaber" Date: Tue, 18 Jul 2000 08:45:12 -0400 (EDT) >On Tue, 18 Jul 2000, Jonathan Slivko wrote: > >> Does anyone here have any comments regarding the stability and out of the box bugginess of FreeBSD 4.0 as opposed to FreeBSD 3.5? I would like to point out that the machine is a P133 with 32MB of RAM and 128 swap space. This machine will be primarily used as a webserver for a small to medium-sized ISP. Thanks in advance for all your input. Thanks. >> > >Wait a few days for 4.1-RELEASE...it should be quite good. > >----- >Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org >-------------------------------------------------------- >FreeBSD: The Power To Serve - http://www.FreeBSD.org > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message > -- ----------------------------------------------------------- Jonathan M. Slivko President, Technical Support, Simple Hosting Solutions Founder/Network Administrator: JMS Internet Services Pager #: (917) 388-5304 (24 Hours/Day) "The comments I make are my own, not those of my employer!" ----------------------------------------------------------- -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Jul 18 6:27:12 2000 Delivered-To: freebsd-security@freebsd.org Received: from fyre.somcol.co.za (fyre.somcol.co.za [196.30.167.130]) by hub.freebsd.org (Postfix) with ESMTP id 3564437BDCB; Tue, 18 Jul 2000 06:26:59 -0700 (PDT) (envelope-from jus@security.za.net) Received: from localhost (jus@localhost) by fyre.somcol.co.za (8.9.3/8.9.3) with ESMTP id PAA17055; Tue, 18 Jul 2000 15:26:24 +0200 (SAST) (envelope-from jus@security.za.net) X-Authentication-Warning: fyre.somcol.co.za: jus owned process doing -bs Date: Tue, 18 Jul 2000 15:26:24 +0200 (SAST) From: Justin Stanford X-Sender: jus@fyre.somcol.co.za To: Jonathan Slivko Cc: "Chris D. Faulhaber" , FreeBSD ISP Mailing List , FreeBSD Security Mailing List Subject: Re: 3.5 vs. 4.0 In-Reply-To: <200007180848.AA953418274@stmail.pace.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Take a look at :- /usr/share/examples/cvsup/stable-supfile jus On Tue, 18 Jul 2000, Jonathan Slivko wrote: > And what are the new features in that release that I should be waiting for that are not present in FreeBSD 3.5 or 4.0? Also, do you know where I can get the -STABLE tree for 3.5? I wanna update my systems to it. I will not run anything on my production machines that is not -STABLE if there is a -STABLE tree available. Thanks. If someone could send me a cvsup file with all the required information, I would be most appreciative. > > ---------- Original Message ---------------------------------- > From: "Chris D. Faulhaber" > Date: Tue, 18 Jul 2000 08:45:12 -0400 (EDT) > > >On Tue, 18 Jul 2000, Jonathan Slivko wrote: > > > >> Does anyone here have any comments regarding the stability and out of the box bugginess of FreeBSD 4.0 as opposed to FreeBSD 3.5? I would like to point out that the machine is a P133 with 32MB of RAM and 128 swap space. This machine will be primarily used as a webserver for a small to medium-sized ISP. Thanks in advance for all your input. Thanks. > >> > > > >Wait a few days for 4.1-RELEASE...it should be quite good. > > > >----- > >Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org > >-------------------------------------------------------- > >FreeBSD: The Power To Serve - http://www.FreeBSD.org > > > > > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org > >with "unsubscribe freebsd-isp" in the body of the message > > > > -- > ----------------------------------------------------------- > Jonathan M. Slivko > President, Technical Support, Simple Hosting Solutions > Founder/Network Administrator: JMS Internet Services > Pager #: (917) 388-5304 (24 Hours/Day) > > "The comments I make are my own, not those of my employer!" > ----------------------------------------------------------- > -- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Jul 18 8:26:48 2000 Delivered-To: freebsd-security@freebsd.org Received: from merlin.prod.itd.earthlink.net (merlin.prod.itd.earthlink.net [207.217.120.156]) by hub.freebsd.org (Postfix) with ESMTP id E2CE137B9EA; Tue, 18 Jul 2000 08:26:35 -0700 (PDT) (envelope-from cjc@pool0575.cvx21-bradley.dialup.earthlink.net) Received: from pool0575.cvx21-bradley.dialup.earthlink.net (pool0575.cvx21-bradley.dialup.earthlink.net [209.179.194.65]) by merlin.prod.itd.earthlink.net (8.9.3-EL_1_3/8.9.3) with ESMTP id IAA25296; Tue, 18 Jul 2000 08:26:29 -0700 (PDT) Received: (from cjc@localhost) by pool0114.cvx20-bradley.dialup.earthlink.net (8.9.3/8.9.3) id IAA00305; Tue, 18 Jul 2000 08:24:37 -0700 (PDT) Date: Tue, 18 Jul 2000 08:24:06 -0700 From: "Crist J. Clark" To: Jonathan Slivko Cc: "Chris D. Faulhaber" , FreeBSD ISP Mailing List , FreeBSD Security Mailing List Subject: Re: 3.5 vs. 4.0 Message-ID: <20000718082406.A164@dialin-client.earthlink.net> Reply-To: cjclark@alum.mit.edu References: <200007180848.AA953418274@stmail.pace.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <200007180848.AA953418274@stmail.pace.edu>; from js43064n@stmail.pace.edu on Tue, Jul 18, 2000 at 08:48:21AM -0400 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [Try to wrap your lines. You put everything on one single line.] On Tue, Jul 18, 2000 at 08:48:21AM -0400, Jonathan Slivko wrote: > And what are the new features in that release that I should be waiting for that are not present in FreeBSD 3.5 or 4.0? Also, do you know where I can get the -STABLE tree for 3.5? I wanna update my systems to it. I will not run anything on my production machines that is not -STABLE if there is a -STABLE tree available. Thanks. If someone could send me a cvsup file with all the required information, I would be most appreciative. Note that a -RELEASE, when the second digit is non-zero, is simply a snapshot of the -STABLE branch with a little extra attention on making sure everything is in a consistent state. For production machines, I think most would agree that the safest thing to do is start with a -RELEASE version and move to a more recent -STABLE version only if there is a compelling reason (security fix, other bug fix, a new functionality that you want, etc.). In other words, a -RELEASE version is most the likely to work with no problems. And once you have that going, don't fix what ain't broke. That's why the 2.2.8-STABLE mailserver at my last job is still chugging away today. The hardware will be the first to give out on that thing. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Jul 18 8:38:32 2000 Delivered-To: freebsd-security@freebsd.org Received: from hermes.deadbbs.com (hermes.cpetc.com [207.137.157.132]) by hub.freebsd.org (Postfix) with ESMTP id 8946937BE9E; Tue, 18 Jul 2000 08:38:28 -0700 (PDT) (envelope-from Kahn@deadbbs.com) Received: from erin-laptop (mongo.sdccd.cc.ca.us [209.129.16.5]) by hermes.deadbbs.com (8.10.2/8.10.2) with SMTP id e6IFcpm25918; Tue, 18 Jul 2000 08:38:51 -0700 (PDT) From: "Erin" To: , "'Jonathan Slivko'" Cc: "'Chris D. Faulhaber'" , "'FreeBSD ISP Mailing List'" , "'FreeBSD Security Mailing List'" Subject: RE: 3.5 vs. 4.0 Date: Tue, 18 Jul 2000 08:37:57 -0700 Message-ID: <001101bff0ce$265b2560$e815820a@erin-laptop.sdccd.cc.ca.us> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: <20000718082406.A164@dialin-client.earthlink.net> X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Importance: Normal Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Crist J. Clark > In other words, a -RELEASE version is most the likely to work with no > problems. And once you have that going, don't fix what ain't broke. > That's why the 2.2.8-STABLE mailserver at my last job is still > chugging away today. The hardware will be the first to give out on > that thing. I never even went to stable, but I have found once its working, don't mess with it. I think its funny that you build a 2.2.8 mail server as well. $ w 8:34AM up 390 days, 19:21, 1 user, load averages: 0.81, 0.71, 0.45 USER TTY FROM LOGIN@ IDLE WHAT erinf p0 odin.xxxxx.com 8:34AM - w $ uname -a FreeBSD hermes.deadbbs.com 2.2.8-RELEASE FreeBSD 2.2.8-RELEASE #0: Thu May 6 22 :32:20 GMT 1999 erinf@hermes.xxxxx.com:/usr/src/sys/compile/hermes i386 Erin http://www.deadbbs.com http://www.fortenberry.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Jul 18 10:35:38 2000 Delivered-To: freebsd-security@freebsd.org Received: from ixori.demon.nl (ixori.demon.nl [195.11.248.5]) by hub.freebsd.org (Postfix) with ESMTP id B173637B5E4; Tue, 18 Jul 2000 10:35:25 -0700 (PDT) (envelope-from bart@ixori.demon.nl) Received: from smtp-relay by ixori.demon.nl (8.9.3/8.9.2) with ESMTP id TAA10218; Tue, 18 Jul 2000 19:39:57 +0200 (CEST) (envelope-from bart@ixori.demon.nl) Received: from network (intranet) by smtp-relay (Bart's intranet smtp server) Date: Tue, 18 Jul 2000 19:39:49 +0200 (CEST) From: Bart van Leeuwen To: "Crist J. Clark" Cc: Jonathan Slivko , "Chris D. Faulhaber" , FreeBSD ISP Mailing List , FreeBSD Security Mailing List Subject: Re: 3.5 vs. 4.0 In-Reply-To: <20000718082406.A164@dialin-client.earthlink.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hmm... 3.5 or 4.0... I guess that a choice would be based on required functionality... at least both are very stable to my experience. One thing you might want from 4.0 for building a server is the jail stuff. As for running -RELEASE and -STABLE.. What I usually do is start out with a -RELEASE, and use a 2nd (dedicated) machine to track -STABLE. when there are important updates I already have a -STABLE ready for testing and if needed I'll upgrade servers with it. Building and testing is always done on a seperate machine, and is done regardless of requiring the current set of updates, if only because having a fairly recent -STABLE system at hand makes it possible to compare things and makes upgrading so much easier. Also its nice to have updates ready even before actually needing them ;-) I won't ever install such updates unless there is a real reason to do so (security fixes mostly) but in practise I do run -STABLE on most servers by now (4.0) so I'd think that it makes sense to not only look at what you want to run on it right now, but also look at a good way to keep it uptodate for as far as needed. Bart van Leeuwen ----------------------------------------------------------- mailto:bart@ixori.demon.nl - http://www.ixori.demon.nl/ ----------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Jul 18 16:44:36 2000 Delivered-To: freebsd-security@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with SMTP id D3D1E37B704 for ; Tue, 18 Jul 2000 16:44:29 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 28443 invoked by uid 1000); 18 Jul 2000 23:44:28 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 18 Jul 2000 23:44:28 -0000 Date: Tue, 18 Jul 2000 18:44:28 -0500 (CDT) From: Mike Silbersack To: Sheldon Hearn Cc: Joachim =?iso-8859-1?Q?Str=F6mbergson?= , Greg Lewis , freebsd-security@FreeBSD.ORG Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? In-Reply-To: <44362.963907462@axl.ops.uunet.co.za> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 18 Jul 2000, Sheldon Hearn wrote: > Is it really cool? I've always thought that crypted swap is a waste of > time, given the fact that access to the swap device implies far more > serious problems already. Now that we have a reference to Niels' paper, > though, we can see what his motivation for developing this was. Well, according to Niels's research, he found old passwords, passphrases, and many other such pieces of data sitting around in his swap file. Hence, one obtaining access to the swap file does have greater knowledge than they would with a crypted swap. His paper seems well written, I suggest that you read it. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Tue Jul 18 22:44:40 2000 Delivered-To: freebsd-security@freebsd.org Received: from axl.ops.uunet.co.za (axl.ops.uunet.co.za [196.31.2.163]) by hub.freebsd.org (Postfix) with ESMTP id 4435B37B5C6 for ; Tue, 18 Jul 2000 22:44:28 -0700 (PDT) (envelope-from sheldonh@axl.ops.uunet.co.za) Received: from sheldonh (helo=axl.ops.uunet.co.za) by axl.ops.uunet.co.za with local-esmtp (Exim 3.15 #1) id 13Emcy-00081u-00; Wed, 19 Jul 2000 07:42:40 +0200 From: Sheldon Hearn To: Mike Silbersack Cc: Joachim =?iso-8859-1?Q?Str=F6mbergson?= , Greg Lewis , freebsd-security@FreeBSD.ORG Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? In-reply-to: Your message of "Tue, 18 Jul 2000 18:44:28 EST." Date: Wed, 19 Jul 2000 07:42:40 +0200 Message-ID: <30869.963985360@axl.ops.uunet.co.za> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 18 Jul 2000 18:44:28 EST, Mike Silbersack wrote: > Hence, one obtaining access to the swap file does have greater > knowledge than they would with a crypted swap. His paper seems well > written, I suggest that you read it. I read some of it. Two things occur to me: 1) It's close to a waste of time in the absence of crypted filesystems. 2) The kind of access required to read the swap device usually implies a much more serious issue than a crypted swap is going to help you with. That said, it _does_ provide some kind of damage control. It's just not as useful as people sometimes assume. :-) Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Jul 19 7:59:21 2000 Delivered-To: freebsd-security@freebsd.org Received: from faith.cs.utah.edu (faith.cs.utah.edu [155.99.198.108]) by hub.freebsd.org (Postfix) with ESMTP id A88D937B7FD for ; Wed, 19 Jul 2000 07:59:17 -0700 (PDT) (envelope-from danderse@cs.utah.edu) Received: (from danderse@localhost) by faith.cs.utah.edu (8.9.3/8.9.3) id IAA08077; Wed, 19 Jul 2000 08:58:51 -0600 (MDT) Message-Id: <200007191458.IAA08077@faith.cs.utah.edu> Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? To: sheldonh@uunet.co.za (Sheldon Hearn) Date: Wed, 19 Jul 2000 08:58:51 -0600 (MDT) Cc: silby@silby.com (Mike Silbersack), watchman@ludd.luth.se (Joachim =?iso-8859-1?Q?Str=F6mbergson?=), glewis@trc.adelaide.edu.au (Greg Lewis), freebsd-security@FreeBSD.ORG In-Reply-To: <30869.963985360@axl.ops.uunet.co.za> from "Sheldon Hearn" at Jul 19, 2000 07:42:40 AM From: "David G. Andersen" X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Lo and behold, Sheldon Hearn once said: > > On Tue, 18 Jul 2000 18:44:28 EST, Mike Silbersack wrote: > > > Hence, one obtaining access to the swap file does have greater > > knowledge than they would with a crypted swap. His paper seems well > > written, I suggest that you read it. > > I read some of it. Two things occur to me: > > 1) It's close to a waste of time in the absence of crypted filesystems. > > 2) The kind of access required to read the swap device usually implies a > much more serious issue than a crypted swap is going to help you > with. That's not really true, actually. If someone breaks into your apartment and snags your hard disks, they may potentially be able to get a lot more information out of it if you have available swap. For instance, grepping through my swap partition last night, I noticed that the contents of some of my xterm scrollback buffers were stored in there - that's not information someone would be able to obtain ordinarily if you'd shut your computer down. > That said, it _does_ provide some kind of damage control. It's just not > as useful as people sometimes assume. :-) Few things are. There's likely more information stored on filesystems that people don't want lingering around even after repeated overwrites, but swap has the potential to store things behind your back - even if you and your programs are careful to never write them to disk. -Dave -- work: dga@lcs.mit.edu me: dga@pobox.com MIT Laboratory for Computer Science http://www.angio.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Wed Jul 19 13:56:18 2000 Delivered-To: freebsd-security@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 2A87737BE86 for ; Wed, 19 Jul 2000 13:56:14 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id QAA73421; Wed, 19 Jul 2000 16:55:35 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Wed, 19 Jul 2000 16:55:34 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Mike Silbersack Cc: Sheldon Hearn , Joachim =?iso-8859-1?Q?Str=F6mbergson?= , Greg Lewis , freebsd-security@FreeBSD.ORG Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 18 Jul 2000, Mike Silbersack wrote: > On Tue, 18 Jul 2000, Sheldon Hearn wrote: > > > Is it really cool? I've always thought that crypted swap is a waste of > > time, given the fact that access to the swap device implies far more > > serious problems already. Now that we have a reference to Niels' paper, > > though, we can see what his motivation for developing this was. > > Well, according to Niels's research, he found old passwords, passphrases, > and many other such pieces of data sitting around in his swap > file. Hence, one obtaining access to the swap file does have greater > knowledge than they would with a crypted swap. His paper seems well > written, I suggest that you read it. I've broken systems in test environments using exploited kmem access to extract password information from mbufs. Access to kernel memory space, be it via persistent swap or live /dev/mem or /dev/kmem, is a big no-no from a security perspective. Personally, my big fear is my notebook computer. I can encrypt data on it using command line tools, but I'd much rather see a device layer that I can use to protect both swap and sensitive partitions. Swap could use a randomized key, and mounting of data partitions could rely on a user-provided key for the device layer. A crypto-fs might be more fun, but if we have the facility to layer device access, we might as well use that for a quicky solution. It's easy for someone to walk off with personal computing devices -- in the office, at home, at the airport, ... Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Jul 20 3:48:12 2000 Delivered-To: freebsd-security@freebsd.org Received: from dlt.follo.net (elde.org [195.204.143.185]) by hub.freebsd.org (Postfix) with ESMTP id EE02737C195; Thu, 20 Jul 2000 03:48:07 -0700 (PDT) (envelope-from terje@elde.net) Received: by dlt.follo.net (Postfix, from userid 1002) id F04A55EF3D; Thu, 20 Jul 2000 12:48:05 +0200 (CEST) Date: Thu, 20 Jul 2000 12:48:05 +0200 From: Terje Elde To: Robert Watson Cc: Sheldon Hearn , =?iso-8859-1?Q?Joachim_Str=F6mbergson?= , Greg Lewis , freebsd-security@FreeBSD.ORG Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? Message-ID: <20000720124805.D70017@dlt.follo.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: ; from rwatson@FreeBSD.ORG on Wed, Jul 19, 2000 at 04:55:34PM -0400 X-Mailer: Mutt http://www.mutt.org/ X-Editor: Vim http://www.vim.org/ X-IRC: ircii!epic4-2000 - prevail[1214] X-Goal: Exterminate All Rational Thought Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Personally, my big fear is my notebook computer. I can encrypt data on it > using command line tools, but I'd much rather see a device layer that I > can use to protect both swap and sensitive partitions. Swap could use a > randomized key, and mounting of data partitions could rely on a > user-provided key for the device layer. A crypto-fs might be more fun, > but if we have the facility to layer device access, we might as well use > that for a quicky solution. It's easy for someone to walk off with > personal computing devices -- in the office, at home, at the airport, ... For a "ugly hack, but up and running today" kinda solution, you could always do what I do... Use cfs (yes, the software tcfs is based on is running under freebsd, and is available in the ports collection) for your file systems, then swap to a file, on one of the encrypted file systems. It's not a pretty sight, but it does the job. Terje To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Jul 20 13: 8: 6 2000 Delivered-To: freebsd-security@freebsd.org Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id E49C637B67E; Thu, 20 Jul 2000 13:07:57 -0700 (PDT) (envelope-from green@FreeBSD.org) Date: Thu, 20 Jul 2000 16:07:56 -0400 (EDT) From: Brian Fundakowski Feldman X-Sender: green@green.dyndns.org To: Greg Lewis Cc: "Joachim [Str_mbergson]" , freebsd-security@freebsd.org Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? In-Reply-To: <200007170151.LAA94006@ares.trc.adelaide.edu.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 17 Jul 2000, Greg Lewis wrote: > Joachim [Str_mbergson] wrote: > > (1) So, what's the status of the FreeBSD security audit? Anything that > > could need a hand? > > You need the freebsd-audit list :) > > > (3) OpenBSD 2.7 introduced crypto swap. After reading through mr Provos > > paper about crypto swap (and the stuff he found on his swap, among other > > things), I got interested in trying this out myself. Is anybody looking > > at this for FreeBSD? Would it be a good idea, anything of value for > > FreeBSD? > > I think the recent import of TCFS into OpenBSD > is also fairly interesting. From what I discussed with Niels Provos at USENIX, this isn't really the interesting part ;) The interesting part is that he is going to be working on seriously improving TCFS, and importing it was just a tiny step that shows he's starting on that :) We'll definitely want to pay attention to the work he's doing on TCFS; he said that it will basically be a rewrite. > -- > Greg Lewis glewis@trc.adelaide.edu.au > Computing Officer +61 8 8303 5083 > Teletraffic Research Centre -- Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! / green@FreeBSD.org `------------------------------' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Jul 20 13: 9:23 2000 Delivered-To: freebsd-security@freebsd.org Received: from hotmail.com (law-f267.hotmail.com [209.185.130.183]) by hub.freebsd.org (Postfix) with ESMTP id AF0BD37C10F for ; Thu, 20 Jul 2000 13:09:19 -0700 (PDT) (envelope-from ronnetron@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 20 Jul 2000 13:09:19 -0700 Received: from 63.203.116.218 by lw1fd.hotmail.msn.com with HTTP; Thu, 20 Jul 2000 GMT X-Originating-IP: [63.203.116.218] From: "Ron Smith" To: freebsd-security@FreeBSD.ORG Subject: Allowing Hotline Service Date: Thu, 20 Jul 2000 13:09:19 PDT Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 20 Jul 2000 20:09:19.0703 (UTC) FILETIME=[63690670:01BFF286] Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi all, I'm looking for impartial security info on a product called "Hotline" at: http://cgi.bigredh.com/index2.html. I'm trying to decide wheather to allow the service through out firewall or not. Does anyone out there have any experience with this product/service, as far as the security angle is concerened? Ron Smith ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Jul 20 13:44: 2 2000 Delivered-To: freebsd-security@freebsd.org Received: from security1.noc.flyingcroc.net (security1.noc.flyingcroc.net [207.246.128.54]) by hub.freebsd.org (Postfix) with ESMTP id 9391237B6FE for ; Thu, 20 Jul 2000 13:43:59 -0700 (PDT) (envelope-from todd@flyingcroc.net) Received: from localhost (todd@localhost) by security1.noc.flyingcroc.net (8.9.3/8.9.3) with ESMTP id NAA09260; Thu, 20 Jul 2000 13:43:27 -0700 (PDT) (envelope-from todd@flyingcroc.net) X-Authentication-Warning: security1.noc.flyingcroc.net: todd owned process doing -bs Date: Thu, 20 Jul 2000 13:43:27 -0700 (PDT) From: Todd Backman X-Sender: todd@security1.noc.flyingcroc.net To: Ron Smith Cc: freebsd-security@FreeBSD.ORG Subject: Re: Allowing Hotline Service In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Ron, I remember hotline from a ways back. I seem to recall that it mainly dealt with warez (or at least that is what I used to use it for). If your network does not condone the transference or storage of pirated software I would stay away from it... - Todd On Thu, 20 Jul 2000, Ron Smith wrote: > Hi all, > > I'm looking for impartial security info on a product called "Hotline" at: > http://cgi.bigredh.com/index2.html. > > I'm trying to decide whether to allow the service through out firewall or > not. Does anyone out there have any experience with this product/service, as > far as the security angle is concerned? > > Ron Smith > > ________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Thu Jul 20 13:50:15 2000 Delivered-To: freebsd-security@freebsd.org Received: from mail.caprice.mb.ca (mail.caprice.mb.ca [205.200.216.3]) by hub.freebsd.org (Postfix) with ESMTP id 4476E37C17F for ; Thu, 20 Jul 2000 13:50:01 -0700 (PDT) (envelope-from grub@grub.net) Received: from grub.net (grub.caprice.mb.ca [205.200.216.10]) by mail.caprice.mb.ca (8.9.3/8.9.3) with ESMTP id OAA22586; Thu, 20 Jul 2000 14:54:20 GMT (envelope-from grub@grub.net) Message-ID: <397765F0.22CAF0AF@grub.net> Date: Thu, 20 Jul 2000 15:49:52 -0500 From: Gordon Grieder Organization: /bin/sh X-Mailer: Mozilla 4.61 [en] (X11; I; FreeBSD 3.3-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 Cc: Ron Smith , freebsd-security@FreeBSD.ORG Subject: Re: Allowing Hotline Service References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 20 Jul 2000, Ron Smith wrote: > Hi all, > > I'm looking for impartial security info on a product called "Hotline" at: > http://cgi.bigredh.com/index2.html. > > I'm trying to decide whether to allow the service through out firewall or > not. Does anyone out there have any experience with this product/service, as > far as the security angle is concerned? > > Ron Smith Ron, et al, The bulk of Hotline use seems to be for warez and mp3 trading. It started out as a Mac-only product that was ported to Windows a few years ago. If you download the client from www.bigredh.com and configure it to use a third party server list (available anywhere) that will confirm what I've said. Gord To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Jul 21 7:40:56 2000 Delivered-To: freebsd-security@freebsd.org Received: from ns1.via-net-works.net.ar (ns1.via-net-works.net.ar [200.10.100.10]) by hub.freebsd.org (Postfix) with ESMTP id 3879037BBC7 for ; Fri, 21 Jul 2000 07:40:48 -0700 (PDT) (envelope-from fpscha@ns1.via-net-works.net.ar) Received: (from fpscha@localhost) by ns1.via-net-works.net.ar (8.9.3/8.9.3) id LAA12901 for freebsd-security@freebsd.org; Fri, 21 Jul 2000 11:40:33 -0300 (GMT) From: Fernando Schapachnik Message-Id: <200007211440.LAA12901@ns1.via-net-works.net.ar> Subject: IP Filter problem. To: freebsd-security@freebsd.org Date: Fri, 21 Jul 2000 11:40:32 -0300 (GMT) Reply-To: Fernando Schapachnik X-Mailer: ELM [version 2.4ME+ PL40 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello: I'm running IP Filter 3.4.6 on FreeBSD 3.4-RELEASE. My ipnat config. looks like: rdr ed1 ext_ip/32 port 80 -> int_ip port 80 tcp rdr ed1 ext_ip/32 port 25 -> int_ip port 25 tcp rdr ed1 ext_ip/32 port 110 -> int_ip port 110 tcp When adding the last rule, ipnat complains with: ioctl(SIOCADNAT): File exists ipnat -l consistently shows only the first 2 rules. Any ideas? Thanks! Fernando P. Schapachnik Administración de la red VIA NET.WORKS ARGENTINA S.A. fernando@via-net-works.net.ar (54-11) 4323-3333 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Jul 21 10:58:24 2000 Delivered-To: freebsd-security@freebsd.org Received: from sn1oexchr01.nextvenue.com (sn1oexchr01.nextvenue.com [63.209.169.9]) by hub.freebsd.org (Postfix) with SMTP id D90F737BDC6 for ; Fri, 21 Jul 2000 10:58:17 -0700 (PDT) (envelope-from nevans@nextvenue.com) Received: FROM sn1exchmbx.nextvenue.com BY sn1oexchr01.nextvenue.com ; Fri Jul 21 13:56:29 2000 -0400 Received: by sn1exchmbx.nextvenue.com with Internet Mail Service (5.5.2650.21) id <3987SM8P>; Fri, 21 Jul 2000 13:53:53 -0400 Message-ID: <712384017032D411AD7B0001023D799B07CA2A@sn1exchmbx.nextvenue.com> From: Nick Evans To: 'Fernando Schapachnik' , freebsd-security@freebsd.org Subject: RE: IP Filter problem. Date: Fri, 21 Jul 2000 13:53:52 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BFF33C.A1E15630" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BFF33C.A1E15630 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I think there was a bug with 3.4.6 that didn't allow multiple rdr's to = one internal IP. Check the IPFilter mailing list archives for that: http://coombs.anu.edu.au/~avalon -----Original Message----- From: Fernando Schapachnik [mailto:fpscha@ns1.via-net-works.net.ar] Sent: Friday, July 21, 2000 10:41 AM To: freebsd-security@freebsd.org Subject: IP Filter problem. Hello: I'm running IP Filter 3.4.6 on FreeBSD 3.4-RELEASE. My ipnat config. looks like: rdr ed1 ext_ip/32 port 80 -> int_ip port 80 tcp rdr ed1 ext_ip/32 port 25 -> int_ip port 25 tcp rdr ed1 ext_ip/32 port 110 -> int_ip port 110 tcp When adding the last rule, ipnat complains with: ioctl(SIOCADNAT): File exists ipnat -l consistently shows only the first 2 rules. Any ideas? Thanks! Fernando P. Schapachnik Administraci=F3n de la red VIA NET.WORKS ARGENTINA S.A. fernando@via-net-works.net.ar (54-11) 4323-3333 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message ------_=_NextPart_001_01BFF33C.A1E15630 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable RE: IP Filter problem.

I think there was a bug with 3.4.6 that didn't allow = multiple rdr's to one internal IP. Check the IPFilter mailing list = archives for that: http://coombs.anu.edu.au/~avalon

-----Original Message-----
From: Fernando Schapachnik [mailto:fpscha@ns1.via-ne= t-works.net.ar]
Sent: Friday, July 21, 2000 10:41 AM
To: freebsd-security@freebsd.org
Subject: IP Filter problem.


Hello:
        I'm = running IP Filter 3.4.6 on FreeBSD 3.4-RELEASE.

        My ipnat = config. looks like:

rdr ed1 ext_ip/32 port 80 -> int_ip port 80 = tcp
rdr ed1 ext_ip/32 port 25 -> int_ip port 25 = tcp
rdr ed1 ext_ip/32 port 110 -> int_ip port 110 = tcp

        When = adding the last rule, ipnat complains with:
ioctl(SIOCADNAT): File exists

        ipnat -l = consistently shows only the first 2 rules.

        Any = ideas?

        Thanks!

Fernando P. Schapachnik
Administraci=F3n de la red
VIA NET.WORKS ARGENTINA S.A.
fernando@via-net-works.net.ar
(54-11) 4323-3333


To Unsubscribe: send mail to = majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the = body of the message

------_=_NextPart_001_01BFF33C.A1E15630-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Jul 21 14: 6:14 2000 Delivered-To: freebsd-security@freebsd.org Received: from exchange.lightrealm.com (exchange.lightrealm.com [216.122.95.4]) by hub.freebsd.org (Postfix) with ESMTP id C41BD37BCFC for ; Fri, 21 Jul 2000 14:06:09 -0700 (PDT) (envelope-from rcarskadden@lightrealm.com) Received: by EXCHANGE with Internet Mail Service (5.5.2650.21) id ; Fri, 21 Jul 2000 14:12:14 -0700 Message-ID: From: Rush Carskadden To: 'Garrett Wollman' , Leif Neland Cc: security@FreeBSD.ORG Subject: RE: randomdev entropy gathering is really weak Date: Fri, 21 Jul 2000 14:12:13 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org It is somewhat troubling to me to think that you may assume the only time you need security is when you are connected to the Internet. Picture a large corporation (or government) with a substantial private network that, though it is not connected to the Internet, provides a number of critical services to it's users on a day to day basis. Is this network any less worth protecting because it is not connected to the Internet? Assuming that there are a large number of users on the network, is risk nonexistant? The fact of the matter is, it is bad form to rely on any system that you do not control for a security solution, and it is even worse form when communicating with this system requires you to be on the Internet. But that's just my opinion. ok, Rush Carskadden -----Original Message----- From: Garrett Wollman [mailto:wollman@khavrinen.lcs.mit.edu] Sent: Monday, July 17, 2000 8:54 AM To: Leif Neland Cc: security@FreeBSD.ORG Subject: Re: randomdev entropy gathering is really weak < said: > If you can't reach a NTP server, you are not connected to the internet. In > that case you don't need to worry so much about security... Unless, of course, the reason your machine is not connected to the Internet is in order that it be able to provide some critical security functionality. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Fri Jul 21 19:14:11 2000 Delivered-To: freebsd-security@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 3C7B837B728; Fri, 21 Jul 2000 19:14:08 -0700 (PDT) (envelope-from kris@FreeBSD.org) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id TAA81313; Fri, 21 Jul 2000 19:14:08 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Fri, 21 Jul 2000 19:14:07 -0700 (PDT) From: Kris Kennaway To: Rush Carskadden Cc: "'Garrett Wollman'" , Leif Neland , security@FreeBSD.ORG Subject: RE: randomdev entropy gathering is really weak In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 21 Jul 2000, Rush Carskadden wrote: > It is somewhat troubling to me to think that you may assume the only > time you need security is when you are connected to the Internet. Picture a That's not what he said: > Unless, of course, the reason your machine is not connected to the > Internet is in order that it be able to provide some critical security > functionality. i.e. the machine is not connected to the net because it is critical to security. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sat Jul 22 9:30:30 2000 Delivered-To: freebsd-security@freebsd.org Received: from MCSMTP.MC.VANDERBILT.EDU (mcsmtp.mc.Vanderbilt.Edu [160.129.93.202]) by hub.freebsd.org (Postfix) with ESMTP id B913937B942 for ; Sat, 22 Jul 2000 09:30:27 -0700 (PDT) (envelope-from George.Giles@mcmail.vanderbilt.edu) Subject: NATD problem To: freebsd-security@freebsd.org X-Mailer: Lotus Notes Release 5.0.2a November 23, 1999 Message-ID: From: George.Giles@mcmail.vanderbilt.edu Date: Sat, 22 Jul 2000 11:32:31 -0500 X-MIMETrack: Serialize by Router on MCSMTP/VUMC/Vanderbilt(Release 5.0.3 |March 21, 2000) at 07/22/2000 11:31:33 AM MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org My firewall works fine, but NATD does not route my gateway requests properly. The private ip addresses do not route from mx1 (iip) through mx0 (oip). # Allow inside out $fwcmd add divert natd all from any to any via ${oif} $fwcmd add pass tcp from ${iip} to ${oip} 8668 setup $fwcmd add pass tcp from ${iip} to any 8668 Please advise. George To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sat Jul 22 12:57:47 2000 Delivered-To: freebsd-security@freebsd.org Received: from snafu.adept.org (adsl-63-201-63-44.dsl.snfc21.pacbell.net [63.201.63.44]) by hub.freebsd.org (Postfix) with ESMTP id 85E6537BA44 for ; Sat, 22 Jul 2000 12:57:39 -0700 (PDT) (envelope-from mike@adept.org) Received: by snafu.adept.org (Postfix, from userid 1000) id B7FEC9EE01; Sat, 22 Jul 2000 12:57:25 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by snafu.adept.org (Postfix) with ESMTP id AEC489B001; Sat, 22 Jul 2000 12:57:25 -0700 (PDT) Date: Sat, 22 Jul 2000 12:57:25 -0700 (PDT) From: Mike Hoskins To: George.Giles@mcmail.vanderbilt.edu Cc: freebsd-security@freebsd.org Subject: Re: NATD problem In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 22 Jul 2000 George.Giles@mcmail.vanderbilt.edu wrote: > My firewall works fine, but NATD does not route my gateway requests > properly. The private ip addresses do not route from mx1 (iip) through mx0 > (oip). Has this worked before, and only broken recently... or is this still a first attempt to get it working? What options do you have compiled into your kernel? I have: # Firewall/NATD options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=64 options IPDIVERT Does this show up in your dmesg output? [69]mike@snafu{mike}$ dmesg|grep div IP packet filtering initialized, divert enabled, rule-based forwarding disabled, default to deny, logging limited to 64 packets/entry by default What flags are you passing natd? What's in /etc/rc.conf? I have: natd_enable="YES" natd_flags="-s -m -u" And see the following running: [70]mike@snafu{mike}$ ps ax|grep nat 90 ?? Ss 0:24.61 /sbin/natd -s -m -u -n fxp0 For my firewall I have: firewall_enable="YES" firewall_type="/etc/rc.firewall.snafu" But you're probably running firewall_type="OPEN" (which is fine for initial setup/testing). Is your box set to be a gateway? I have this in /etc/rc.conf: gateway_enable="YES" With these options, NATD's been working perfectly for me under RELENG_4 for awhile now. If you already have all of this, have you tested basic connectivity? Can you ping from the inside host(s) to the gw machine? Can you ping from the gw machine to the inside host(s)? Can the gw machine ping outside? Are your NICs configured properly on all machines (duplex, etc.)? > # Allow inside out > $fwcmd add divert natd all from any to any via ${oif} > > $fwcmd add pass tcp from ${iip} to ${oip} 8668 setup > $fwcmd add pass tcp from ${iip} to any 8668 Have you tried just running firewall_type="OPEN"? I'm running a custom rulechain, but OPEN basically goes like this: divert 8668 ip from any to any via OIF allow ip from any to any via lo0 deny ip from any to 127.0.0.0/8 allow ip from any to any Alternatively, you may want to take advantage of ipfw's new 'check-state' capabilities and setup something like what I have... divert 8668 ip from any to any via OIF allow ip from any to any via lo0 deny ip from any to 127.0.0.0/8 check-state allow ip from OIP to any keep-state allow ip from INW to any keep-state # # rules to allow specific inbound traffic # deny ip from any to any OIF == Outside InterFace OIP == Outside IP address INW == Inside NetWork This let's my LAN 'talk' to the outside world (rules are created on the fly), allows inbound traffic I want, and deny's everything else. Good luck, -mrh To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message From owner-freebsd-security Sat Jul 22 18:43:39 2000 Delivered-To: freebsd-security@freebsd.org Received: from mail1.nc.rr.com (fe1.southeast.rr.com [24.93.67.48]) by hub.freebsd.org (Postfix) with ESMTP id 9FAC337B686; Sat, 22 Jul 2000 18:43:28 -0700 (PDT) (envelope-from tstromberg@rtci.com) Received: from sudden.detachment.org ([24.25.3.165]) by mail1.nc.rr.com with Microsoft SMTPSVC(5.5.1877.357.35); Sat, 22 Jul 2000 21:43:26 -0400 Received: from rtci.com (localhost [127.0.0.1]) by sudden.detachment.org (8.9.3/8.9.3) with ESMTP id NAA07556; Fri, 21 Jul 2000 13:51:05 -0400 (EDT) (envelope-from tstromberg@rtci.com) Message-ID: <39788D89.56359DCA@rtci.com> Date: Fri, 21 Jul 2000 13:51:05 -0400 From: "Thomas R. Stromberg" Organization: Research Triangle Commerce, Inc. X-Mailer: Mozilla 4.73 [en] (X11; I; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en MIME-Version: 1.0 To: Robert Watson , freebsd-security@freebsd.org Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Robert Watson wrote: > Personally, my big fear is my notebook computer. I can encrypt data on it > using command line tools, but I'd much rather see a device layer that I > can use to protect both swap and sensitive partitions. Swap could use a > randomized key, and mounting of data partitions could rely on a > user-provided key for the device layer. A crypto-fs might be more fun, > but if we have the facility to layer device access, we might as well use > that for a quicky solution. It's easy for someone to walk off with > personal computing devices -- in the office, at home, at the airport, ... > > Robert N M Watson At work we've had great success using cfs (cryptographic filesystem) for sensitive data. As a "oops I forgot" or "oops the sysadmin is dead" precaution, we store all root, router, and sql passwords on a relatively unmarked disk. This of course is held in a secure area, in a fireproof box, and the password is only passed via word of mouth. Due to the complexity of getting cfs setup for a junior admin, we've scripted it all out with a cute ansified menu in perl. This automated script also keeps on-disk diffs of all changes, a log of all activities, and syslogs out upon insertion. This of course just weeds out novices who get their hands on the disk. There are three great advantages to using cfs on floppies: 1) Idle timeouts and time limits. If someone idles on the disk for 10 minutes, cfs can unmount itself. This is a godsend feature. 2) If you put it in a Windows box, it appears unformatted. Great for wannabe hackers and managers alike. They have to know its UFS. 3) Forces the user to be on a machine that he has root on, and that can mount cfs. Aka, it forces us to deploy FreeBSD boxes on the desktop. Ive also messed around with storing my home directory in cfs, until I forgot its password :( Of course, there is nothing stopping anyone from using pgp for important documents, but this can get unwieldly. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.2 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE5eI0noyBzPESpFVQRAu3ZAJ9dHsCV8ysBbpXQvZFwNzvMQyRbzQCffdnN Kj0KfA+OIG9mVtKWDLohT8k= =llJA -----END PGP SIGNATURE----- -- thomas r. stromberg : tstromberg@rtci.com senior systems administrator : http://www.afterthought.org/ research triangle commerce, inc. : 1.919.657.1317 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message