Date: Mon, 28 Jan 2002 11:51:49 -0800 (PST) From: Patrick Greenwell <patrick@stealthgeeks.net> To: "Robert D. Hughes" <rob@robhughes.com> Cc: Nate Williams <nate@yogotech.com>, Justin White <justinfinity@mac.com>, <freebsd-stable@FreeBSD.ORG> Subject: RE: firewall config (CTFM) Message-ID: <20020128113806.O95859-100000@rockstar.stealthgeeks.net> In-Reply-To: <B95B566BD245174196CA4EE29E5818831B6469@HEXCH01.robhughes.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 28 Jan 2002, Robert D. Hughes wrote:
> While this will probably get me flamed to no end, users not reading the
> docs and keeping up with advisories (sys admins are users too) is only
> the cause of little things like nimda, code red, and probably at least
> 90% of all the other problems people report with any system.
It's always amusing when "keyword commentators" chime in. You know the
type; a certain set of keywords trigger a post from these well-intentioned
folks that usually haven't bothered to read an entire thread.
I've said it repeatedly, but since you weren't paying attention, I'll say
it specifically for your benefit: there is no documentation on the
ineffectiveness of setting firewall_enable to no, anywhere. One is left to
their crystal ball and various and sundry scrying devices in order to
intuit that unlike setting firewall_enable to yes, setting firewall_enable
to no doesn't do anything and leaves you with a box that doesn't pass packets.
[insert obligatory follow-up argument from other parties that says that
people that are smart enough to compile a firewall into their kernel
aren't smart enough to enable it so it needs to be done for them
regardless.]
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Patrick Greenwell
Stealthgeeks,LLC. Operations Consulting
http://www.stealthgeeks.net
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020128113806.O95859-100000>