From owner-freebsd-security Thu Sep 21 11:13:34 1995
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id LAA23512 for security-outgoing; Thu, 21 Sep 1995 11:13:34 -0700
Received: from puli.cisco.com (puli.cisco.com [171.69.1.174]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id LAA23506 for ; Thu, 21 Sep 1995 11:13:32 -0700
Received: (pst@localhost) by puli.cisco.com (8.6.8+c/8.6.5) id LAA12006; Thu, 21 Sep 1995 11:13:01 -0700
Date: Thu, 21 Sep 1995 11:13:01 -0700
From: Paul Traina
Message-Id: <199509211813.LAA12006@puli.cisco.com>
To: avalon@cheops.anu.edu.au, security@freebsd.org
In-Reply-To: roberto@keltia.freenix.fr's message of 19 Sep 1995 15:55:07 PST
Subject: IP Filter version 2.8
Sender: owner-security@freebsd.org
Precedence: bulk

Should we be incorporating Darren's new code into FreeBSD? It makes more
sense to do that than to continue with Ugen's work on top of the old code.

However, I know that Darren has license issues that need to be resolved.
Is there some way we can get this good code into the base distribution of
FreeBSD in a fashion that will be acceptable to both him and us?

Paul

Path: cronkite.cisco.com!newsgate.cisco.com
From: roberto@keltia.freenix.fr (Ollivier Robert)
Newsgroups: cisco.external.bsd.free.hackers
Date: 19 Sep 1995 15:55:07 PST
Sender: owner-hackers@FreeBSD.ORG
Organization: Internet-USENET Gateway at cisco Systems
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Lines: 70

------- start of forwarded message -------
From: avalon@cheops.anu.edu.au (Darren Reed)
Newsgroups: comp.sys.sun.admin,comp.security.unix,alt.security
Subject: IP Filter version 2.8
Date: 16 Sep 1995 02:05:02 +1000
Organization: Coombs Computing Unit, ANU

Announcing IP Filter version 2.8

What is IP Filter ?

Quick answer: a free packet filter which can be incorporated into any of
the supported operating systems, providing IP packet level filtering per
interface.

What's that mean to me ?

It means you can build it into your network servers which have more than
a single ethernet interface to protect your servers and internal networks
from IP spoofing and other attacks which defeat service level access
control methods.

Also, if you're confident enough, you can use this package to help build
your own firewall. I'd recommend using the TIS Firewall Toolkit in
conjunction with this package if you think you're capable of this.

For more information, details and examples of filter rules, see:

http://coombs.anu.edu.au/~avalon/ip-filter.html

New to this release:

* Solaris 2.4 (on ethernet interfaces ONLY) is now supported except for
  the return-rst and return-icmp options;
* Can now (optionally) log the first 128 bytes of a packet (if present),
  including the packet header;
* ipmon can now generate log entries with names in place of numerical
  hostname and port data by using the -N command line option;
* ipmon can now optionally log output through syslog using the new -s
  command line option;
* IPSO Basic Security Options filtering;
* In-kernel filtering can be turned on/off;
* Regression testing to check the correctness of the filter;
* IP test program (ipsend) is now included with the package to allow the
  administrator to send arbitrary IP packets, or replay packet sequences
  at the filter - runs on Linux, *BSD, Solaris2 and SunOS 4.1.x;
* Compacts IP header into a directly filterable form;
* Three-way filtering results, allowing packets which don't match any
  rule to be counted and subjected to a general policy of denial or
  permission;
* Perl script suggesting rules (and other changes needed) that you'll
  need to protect yourself from IP spoofing.

darren
------- end of forwarded message -------

-- 
Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.frmug.fr.net
FreeBSD keltia.Freenix.FR 2.2-CURRENT #1: Sun Sep 10 18:50:19 MET DST 1995