From owner-freebsd-current Sun Sep 21 11:05:13 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id LAA10396 for current-outgoing; Sun, 21 Sep 1997 11:05:13 -0700 (PDT) Received: from zippy.dyn.ml.org (garbanzo@tokyo-42.ppp.hooked.net [206.169.229.42]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id LAA10391 for ; Sun, 21 Sep 1997 11:05:08 -0700 (PDT) Received: from localhost (garbanzo@localhost) by zippy.dyn.ml.org (8.8.7/8.8.7) with SMTP id LAA00576; Sun, 21 Sep 1997 11:05:23 -0700 (PDT) X-Authentication-Warning: zippy.dyn.ml.org: garbanzo owned process doing -bs Date: Sun, 21 Sep 1997 11:05:22 -0700 (PDT) From: Alex X-Sender: garbanzo@zippy.dyn.ml.org To: dmaddox@scsn.net cc: current@FreeBSD.ORG Subject: Re: Problems with -current ppp In-Reply-To: <19970921110054.48267@scsn.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Sun, 21 Sep 1997, Donald J. Maddox wrote: > Ok. My IP addres is dynamically assigned by my ISP (scsn.net), so the most > I can tell you is that it will be ppp???.coladlp?.scsn.net. I usually only > use the PPP connection long enough to get my email, then kill it. Most > incoming connections are denied by tcp wrappers. Good luck :-) TCP Wrappers are kinda a moot point, as that's not where the hole lies. That's like putting a deadbolt on the back door, and leaving the front one wide open. > Seriously, I understand the need for security in ppp, and I would rather have > it secureable even if it means a little inconvenience (like having to type a > password). However, since the window of insecurity is so small in this case, > if I can trade security for convenience, I will. Uh, this isn't exactly a small hole, especially if you run it as root (not suid). > This is not an appeal to have ppp's security enhancements reverted. Clearly, > making ppp more secure is a Good Thing. Yes. - alex