From owner-freebsd-security  Thu Oct 29 14:50:08 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id OAA05645
          for freebsd-security-outgoing; Thu, 29 Oct 1998 14:50:08 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from banshee.cs.uow.edu.au (banshee.cs.uow.edu.au [130.130.188.1])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA05528
          for <freebsd-security@FreeBSD.ORG>; Thu, 29 Oct 1998 14:49:53 -0800 (PST)
          (envelope-from ncb05@banshee.cs.uow.edu.au)
Received: (from ncb05@localhost)
	by banshee.cs.uow.edu.au (8.9.1a/8.9.1) id JAA05604;
	Fri, 30 Oct 1998 09:49:36 +1100 (EST)
Date: Fri, 30 Oct 1998 09:49:36 +1100 (EST)
From: Nicholas Charles Brawn <ncb05@uow.edu.au>
X-Sender: ncb05@banshee.cs.uow.edu.au
To: Mike Jenkins <mjenkins@carp.gbr.epa.gov>
cc: freebsd-security@FreeBSD.ORG
Subject: Re: Connections succeed even though denied by IPFW
In-Reply-To: <199810291642.KAA12888@carp.gbr.epa.gov>
Message-ID: <Pine.SOL.4.02A.9810300948550.28587-100000@banshee.cs.uow.edu.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, 29 Oct 1998, Mike Jenkins wrote:

: Brings back memories of the classic packet filtering paper by Brent
: Chapman entitled "Network (In)Security Through IP Packet Filtering".
: Things have improved with packet filters but it can still be difficult
: to get it right.  Of course, you might run a scanner (nmap) to see if
: your rules are working.
: 
: Mike

Anyone know where I could get a copy of that paper? Sounds like a
worthwhile read.

Nick

--
Email: ncb05@uow.edu.au - http://rabble.uow.edu.au/~nick
Key fingerprint =  DE 30 33 D3 16 91 C8 8D  A7 F8 70 03 B7 77 1A 2A



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message