[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is a 'PF default to block' setting outside pf.conf a desirable feature?



On 9 Nov 2005 at 9:57, Peter N. M. Hansteen wrote:
> Over in the comp.unix.bsd.freebsd.misc news group, there's a
> discussion about what happens when PF loads, specifically a perceived
> 'window of opportunity' for an attacker in the interval between PF
> getting enabled and the rule set loading, and what happens if the rule
> set you load at boot time is an empty or invalid rule set.
That's "my" thread.  Your email arrived just as I hit 'send' to restart 
the discussion here!  I've promised to report opinions back to 
c.u.b.f.misc.  
Can I suggest any followups use the subject line of /this/ message, 
rather than of the one I've just sent? Otherwise there'll be two 
threads on the same topic.
-- 
various incoming sites blocked because of spam; see 
http://www.scottsonline.org.uk for a list and openpgp crypto key
(key fingerprint 2ACC 9F21 5103 F68C 7C32 9EA8 C949 81E1 31C9 1364)
[email protected]    Mike Scott, Harlow, Essex, England