lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
From: vogt at hansenet.com (vogt@...senet.com) Subject: AW: How to easily bypass a firewall... > Whereas if they were using, say, NetBSD with IPFilter and turned > the securelevel to be >= 2, you cannot turn off or otherwise change > ipf's configuration without a reboot. > > Of course this then leads back to the problem of having all the > requisite bootup files immutable to prevent trojan'ing and that > can make things harder to administer than it is worth the effort. Actually, the main effect is that you NOTICE. Usually, you monitor your systems, and a reboot will show up, which will cause you to take a look. Which raises the bar for the attacker from "not being noticed by the OS" to "not being noticed by the admin looking for something that's wrong". Tom
Powered by blists - more mailing lists