Date: Wed, 11 Nov 2015 00:55:18 -0800 From: Micheas Herman <m@micheas.net> To: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Subject: Re: OpenSSH HPN Message-ID: <CAJw6ijn2opm3nFO9-h%2Bh3zk6=eaO9fXdCnOEgOzqr-SevuyU0w@mail.gmail.com> In-Reply-To: <20151111075930.GR65715@funkthat.com> References: <86io5a9ome.fsf@desk.des.no> <20151110175216.GN65715@funkthat.com> <56428C84.8050600@FreeBSD.org> <CAOc73CAHQ0FRPES7GrM6ckkWfgZCS3Se7GFUrDO4pR_EMVSvZQ@mail.gmail.com> <20151111075930.GR65715@funkthat.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Nov 10, 2015 at 11:59 PM, John-Mark Gurney <jmg@funkthat.com> wrote: > > <snip> > > If you have a trusted network, why not just use nc? Defense in depth for starters. The ipfw how to guide I learned from years ago, started with the statement that a firewall should be a shield in front of machines that don't need the shield. Security is hard, and you will get it wrong (everyone does), accidentally exposing an encrypted stream is much less of a mistake than exposing a plaint text stream. > > > -- > John-Mark Gurney Voice: +1 415 225 5579 > > "All that I will do, has been done, All that I have, has not." > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJw6ijn2opm3nFO9-h%2Bh3zk6=eaO9fXdCnOEgOzqr-SevuyU0w>