From owner-freebsd-security Wed Oct 16 17:12:48 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1525C37B401 for ; Wed, 16 Oct 2002 17:12:47 -0700 (PDT) Received: from caligula.anu.edu.au (caligula.anu.edu.au [150.203.224.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 91D2A43E8A for ; Wed, 16 Oct 2002 17:12:43 -0700 (PDT) (envelope-from avalon@caligula.anu.edu.au) Received: (from avalon@localhost) by caligula.anu.edu.au (8.9.3/8.9.3) id KAA03159; Thu, 17 Oct 2002 10:12:06 +1000 (EST) From: Darren Reed Message-Id: <200210170012.KAA03159@caligula.anu.edu.au> Subject: Re: CERT VU#539363 To: cswiger@mac.com (Chuck Swiger) Date: Thu, 17 Oct 2002 10:12:06 +1000 (Australia/ACT) Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <122BC346-E14A-11D6-BE66-000A27D85A7E@mac.com> from "Chuck Swiger" at Oct 16, 2002 04:58:50 PM X-Mailer: ELM [version 2.5 PL1] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In some mail from Chuck Swiger, sie said: > [...] > OS X (or FreeBSD, for that matter) may not be vulnerable also because they > don't try to monitor FTP transactions looking for the PASV, and thus don't > create the bogus dynamic rule. Someone using static packet filtering > rules (before a check-state) can block access to the low ports (below 1024) > and mitigate against the spoofed dynamic rules. [...] You're confusing 539363 (state) with 328867 (FTP). Darren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message