Home » Mailing list archives » openbsd-misc » 2007 » November » 20

Re: Compromising a host with pf enabled?

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Luca Corti <luca@...>
To: Misc OpenBSD <misc@...>
Subject: Re: Compromising a host with pf enabled?
Date: Tuesday, November 20, 2007 - 7:29 pm

On Mon, 2007-11-19 at 22:53 -0700, Clint Pachl wrote:


That you are basically bypassing your own firewall. Just create a third

subnet for your management services and allow only the lan and dmzs to

access it through the firewall. Not perfect but IMHO better than

establishing a direct path between a dmz and a lan and adding complexity

to monitor traffic on that path.


ciao


Luca
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
Compromising a host with pf enabled?, Clint Pachl, (Mon Nov 19, 10:01 pm)
Re: Compromising a host with pf enabled?, Chris Zakelj, (Mon Nov 19, 10:37 pm)
Re: Compromising a host with pf enabled?, Clint Pachl, (Tue Nov 20, 1:53 am)
Re: Compromising a host with pf enabled?, Darren Spruell, (Wed Nov 21, 11:09 am)
Re: Compromising a host with pf enabled?, Clint Pachl, (Wed Nov 21, 4:54 pm)
Re: Compromising a host with pf enabled?, Daniel Ouellet, (Wed Nov 21, 9:30 pm)
Re: Compromising a host with pf enabled?, Luca Corti, (Tue Nov 20, 7:29 pm)
Re: Compromising a host with pf enabled?, Greg Thomas, (Tue Nov 20, 12:13 am)
Re: Compromising a host with pf enabled?, Chris Zakelj, (Tue Nov 20, 12:29 am)
Re: Compromising a host with pf enabled?, Clint Pachl, (Tue Nov 20, 1:57 am)