| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: jamie at arpa.com (jamie) Subject: OSX 10.3 Personal Firewall. On Oct 28, 2003, at 9:02 PM, B-r00t wrote: > I know that the underlying ipfw is capable of being configured > accordingly, but shouldnt the overlying firewall configuration > application at least activate appropriate UDP and ICMP filtering? osx does .. for anyone who uses ipfw in osx in their own custom config, which, sadly, you cannot do well with a GUI. > > Especially since the majority of OSX users will employ the GUI > firewall configuration application as their primary form of > Internet protection. > You have numbers? Big statement. The majority of OSX users *I* know have their own custom ipfw script. :) > Remember kidz, use either ICMP or UDP backdoor code! You have only one layer of security between your computer and the Internet? You think that a point and click GUI will give you real protection? OSX is fan-fucking-tabulous and all, but it's not the end-all. I think the default template could have been a little better, perhaps with some keep-state/check-state ninjadom, but alas. Perhaps a "strict UDP & ICMP" toggle in future updates... .jr -- i am jamie at arpa dot com arpa.com :: the mainstream runs shallow Darwin SeReNDiPiTY.local 7.0.0 Darwin Kernel Version 7.0.0: Wed Sep 24 15:48:39 PDT 2003; root:xnu/xnu-517.obj~1/RELEASE_PPC Power Macintosh powerpc
Powered by blists - more mailing lists