you can configure BSD to default to deny in the kernel.
IPFILTER_DEFAULT_BLOCK #block all packets I have had my software firewall up since 1998, with no probelms. On Wed, 4 Jun 2003, Joe Hummel wrote: > I would agree with morning_wood - hardware routers are a much better way to > go - when the device fails, you fail closed, as opposed to a software > solution, where if it fails, you fail open (read - open=vulnerable). In > addition, I've found that even the technically savvy get perplexed by some > of the alerts generated by personal firewall software. > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
