Catching up on very old email.

On 11/15/05, Lars Hansson <[EMAIL PROTECTED]> wrote:
> > And if, for any reason whatsoever, pfctl fails to run? The system
> > remains wide open.
>
> Because that happens a lot....
> Oh come on now, this is a fringe case if there ever was one.
> What if your default block kernel has a bug that causes it to pass all
> under some obscure circumstance?
Oh, you think *that* is a fringe case? I once had OpenBSD come up with the LAN and WAN NICs (both same brand) swapped, apparently because one of them received an interrupt at an inopportune moment. And then the name of my internal syslog server was unfortunately also a valid domain name on the real internet, and their syslog server was wide open, so my system started logging all its dropped packets to their syslog server. Also, all my network daemons were exposed to the Internet. I left them an apology with the logger command line tool, but I doubt if they ever noticed.

Summary: Expect the unexpected.

I was logged in and running tcpdump at the time, so I caught it right away. This could be you: :-(

-- 
http://www.lightconsulting.com/~travis/ -><- Knight of the Lambda Calculus
"We already have enough fast, insecure systems." -- Schneier & Ferguson
GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B
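The two failure modes in the exchange above, a ruleset that never got loaded and NICs that came up in a different order, are both things a firewall host can check for itself right after boot and fail closed on. The following POSIX shell script is an added example written for this page; it is not from the thread, and it is not anything OpenBSD ships. It assumes the output formats of `pfctl -s info` (first line `Status: Enabled ...` or `Status: Disabled ...`), `pfctl -s rules` and OpenBSD's `ifconfig` (`lladdr xx:xx:xx:xx:xx:xx` under each interface); the interface names `em0`/`em1` and the MAC addresses are constructed placeholders, and the sample outputs are constructed so the script runs offline.

```shell
#!/bin/sh
# Added example (not from the thread): fail-closed post-boot sanity checks for a
# pf firewall host. The checks take command output as text so they can be run
# here against constructed samples; in real use you feed them the live output of
# pfctl and ifconfig (see the usage note below).

# Return 0 only if the `pfctl -s info` text says pf is enabled.
pf_is_enabled() {
    printf '%s\n' "$1" | grep -q '^Status: Enabled'
}

# Return 0 only if the `pfctl -s rules` text contains a default block rule
# (pfctl prints `block all` as "block drop all", with optional log/quick).
has_default_block() {
    printf '%s\n' "$1" | grep -Eq '^block( drop| return)?( log)?( quick)? all'
}

# Print the MAC (lladdr) of interface $1 from the `ifconfig` text $2.
# Interface stanzas start with "em0: flags=..."; the lladdr line is indented.
nic_mac() {
    printf '%s\n' "$2" | awk -v want="$1" '
        /^[a-z]+[0-9]+:/        { cur = substr($1, 1, length($1) - 1) }
        cur == want && $1 == "lladdr" { print $2; exit }'
}

# Return 0 only if interface $1 still carries the MAC $2 we recorded for it.
# A mismatch means the kernel attached the NICs in a different order, so the
# interface we treat as "inside" may now be facing the Internet.
nic_matches() {
    [ "$(nic_mac "$1" "$3")" = "$2" ]
}

# Combined check: $1 = pfctl -s info text, $2 = pfctl -s rules text,
# $3 = ifconfig text, $4 = inside interface name, $5 = its expected MAC.
boot_sanity() {
    pf_is_enabled "$1" && has_default_block "$2" && nic_matches "$4" "$5" "$3"
}

# --- constructed sample output: a healthy boot ---
PF_INFO_OK='Status: Enabled for 0 days 00:01:12           Debug: err'
PF_RULES_OK='block drop all
pass out quick on em0 inet proto tcp from any to any port = 80 flags S/SA'
IFCONFIG_OK='em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:00:5e:00:53:01
        inet 192.0.2.1 netmask 0xffffff00 broadcast 192.0.2.255
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:00:5e:00:53:02
        inet 198.51.100.7 netmask 0xffffff00 broadcast 198.51.100.255'

# --- constructed sample output: pf never loaded and the NICs came up swapped ---
PF_INFO_BAD='Status: Disabled for 0 days 00:01:12          Debug: err'
IFCONFIG_SWAPPED='em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:00:5e:00:53:02
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:00:5e:00:53:01'

INSIDE_IF=em0                  # placeholder: the interface that should face the LAN
INSIDE_MAC=00:00:5e:00:53:01   # placeholder: MAC recorded for that NIC when it was installed

if boot_sanity "$PF_INFO_OK" "$PF_RULES_OK" "$IFCONFIG_OK" "$INSIDE_IF" "$INSIDE_MAC"; then
    echo "healthy sample: boot sanity OK"
fi
if ! boot_sanity "$PF_INFO_BAD" "$PF_RULES_OK" "$IFCONFIG_SWAPPED" "$INSIDE_IF" "$INSIDE_MAC"; then
    echo "bad sample: boot sanity FAILED (pf disabled, em0 has the wrong MAC)" >&2
fi
```

On a real host you would call `boot_sanity "$(pfctl -s info)" "$(pfctl -s rules)" "$(ifconfig)" em0 <recorded MAC>` from an rc script and, on failure, keep the outside interface down and the daemons stopped until someone looks, rather than trusting that the ruleset loaded and the interfaces are where they were yesterday.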
