Date: Thu, 17 Oct 2002 10:12:06 +1000 (Australia/ACT) From: Darren Reed <avalon@coombs.anu.edu.au> To: cswiger@mac.com (Chuck Swiger) Cc: freebsd-security@FreeBSD.ORG Subject: Re: CERT VU#539363 Message-ID: <200210170012.KAA03159@caligula.anu.edu.au> In-Reply-To: <122BC346-E14A-11D6-BE66-000A27D85A7E@mac.com> from "Chuck Swiger" at Oct 16, 2002 04:58:50 PM
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Chuck Swiger, sie said: > [...] > OS X (or FreeBSD, for that matter) may not be vulnerable also because they > don't try to monitor FTP transactions looking for the PASV, and thus don't > create the bogus dynamic rule. Someone using static packet filtering > rules (before a check-state) can block access to the low ports (below 1024) > and mitigate against the spoofed dynamic rules. [...] You're confusing 539363 (state) with 328867 (FTP). Darren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210170012.KAA03159>