Blocking Trojans with PF

2011-09-26 Thread Hassan Monfared
Hi, Any idea for denying connection initiation to outside from any web server protected by PF? (wanna block Trojans and reverse connections while incoming http traffic is allowed). Regards, Hassan H. Monfared

Re: Blocking Trojans with PF

2011-09-26 Thread Johan Beisser
block all Permit inbound port 80, but do not permit new outbound connections. Consider each interface a separate firewall, with separate flows entirely, then use policy enforcement (see tagging: http://cvs.openbsd.org/faq/pf/tagging.html) to ensure only properly tagged packets are passed out from

Re: Blocking Trojans with PF

2011-09-26 Thread Gregory Edigarov
On Mon, 26 Sep 2011 09:48:20 +0330 Hassan Monfared hmonfa...@gmail.com wrote: Hi, Any idea for denying connection initiation to outside from any web server protected by PF? (wanna block Trojans and reverse connections while incoming http traffic is allowed). block all pass in on $if from

Re: Blocking Trojans with PF

2011-09-26 Thread Hassan Monfared
thank you, is it right blocking connection initiation from inside using rule something like: block in on $if flags S/SA am I right? Regards, Hassan H. Monfared On Mon, Sep 26, 2011 at 10:18 AM, Gregory Edigarov g...@bestnet.kharkov.ua wrote: On Mon, 26 Sep 2011 09:48:20 +0330 Hassan Monfared

Re: Blocking Trojans with PF

2011-09-26 Thread Gregory Edigarov
If your firewall is on the same machine as webserver - you can safely use the ruleset I wrote. if not - you should have block in on $intif On Mon, 26 Sep 2011 10:40:09 +0330 Hassan Monfared hmonfa...@gmail.com wrote: thank you, is it right blocking connection initiation from inside using

Re: Blocking Trojans with PF

2011-09-26 Thread Hassan Monfared
Hi again, all 6 webservers are behind FW, doesn't block in on $intif rule blocks TCP handshaking? I mean ACK message must be passed on $intif, mustn't? Regards, Hassan H. Monfared On Mon, Sep 26, 2011 at 11:21 AM, Gregory Edigarov g...@bestnet.kharkov.ua wrote: If your firewall is on the

Re: Blocking Trojans with PF

2011-09-26 Thread Gregory Edigarov
Why can't you read how stateful filtration works? You'd be much better with the full explanation of TCP handshake process, and how a stateful firewall fits into picture. On Mon, 26 Sep 2011 11:26:54 +0330 Hassan Monfared hmonfa...@gmail.com wrote: Hi again, all 6 webservers are

Re: Blocking Trojans with PF

2011-09-26 Thread Hassan Monfared
thanks for clear answer! I'd already read. not bad idea to refer every question on the list to the manuals and books or man pages, huh? On Mon, Sep 26, 2011 at 11:35 AM, Gregory Edigarov g...@bestnet.kharkov.ua wrote: Why can't you read how stateful filtration works? You'd be much

configure lan ports and wifi like a switch

2011-09-26 Thread Wesley M.
Hi, I use an appliance with OpenBSD 4.9, there are 3 network ports (sis0-2), and a wifi port (ral0) sis0 : egress (internet) sis1, sis2, ral0 : lan I configure a hostname.trunk0 : trunkport sis2 trunkport sis1 trunkport ral0 trunkproto loadbalance inet 10.100.1.50 255.255.255.0 hostname.sis1,

Re: microsoft and UEFI boot

2011-09-26 Thread Paolo Aglialoro
Actually I'm way more optimistic about OEM motherboard manufacturers rather than PC companies. The weak spot will in fact be laptops and other portable equipment, as these are all proprietary design. Considering that laptop sales have overdone standard fixed PCs ones since years, the ecosystem,

Re: configure lan ports and wifi like a switch

2011-09-26 Thread Stuart Henderson
You want bridge(4), not trunk(4). On 2011-09-26, Wesley M. open...@e-solutions.re wrote: Hi, I use an appliance with OpenBSD 4.9, there are 3 network ports (sis0-2), and a wifi port (ral0) sis0 : egress (internet) sis1, sis2, ral0 : lan I configure a hostname.trunk0 : trunkport sis2

Re: Blocking Trojans with PF

2011-09-26 Thread Tomas Bodzar
On Mon, Sep 26, 2011 at 10:16 AM, Hassan Monfared hmonfa...@gmail.com wrote: thanks for clear answer! I'd already read. not bad idea to refer every question on the list to the manuals and books or man pages, huh? Because nearly 95% or more was already answered in them? ;-) This is not

Re: microsoft and UEFI boot

2011-09-26 Thread Tomas Bodzar
On Mon, Sep 26, 2011 at 11:09 AM, Paolo Aglialoro paol...@gmail.com wrote: Actually I'm way more optimistic about OEM motherboard manufacturers rather than PC companies. The weak spot will in fact be laptops and other portable equipment, as these are all proprietary design. There's new article

Re: Blocking Trojans with PF

2011-09-26 Thread Hassan Monfared
finally I agree ;). but referring to the right document is not bad idea ;). I do it myself if I can. :) objective, not subjective ;) Regards, On Mon, Sep 26, 2011 at 1:23 PM, Tomas Bodzar tomas.bod...@gmail.com wrote: On Mon, Sep 26, 2011 at 10:16 AM, Hassan Monfared hmonfa...@gmail.com

Re: microsoft and UEFI boot

2011-09-26 Thread Rudolf Leitgeb
On Monday, 26.09.2011, at 11:09 +0200, Paolo Aglialoro wrote: Actually I'm way more optimistic about OEM motherboard manufacturers rather than PC companies. The weak spot will in fact be laptops and other portable equipment, as these are all proprietary design. Considering that laptop sales

Operations Password

2011-09-26 Thread Banco BBVA
Dear customer, We are writing to inform you that your BBVA Net operations password has not been changed and expired on 19/09/2011. For greater security your online account has been temporarily suspended until a new password is generated. In order to resolve this

NPPPD/L2TP IPsec problems

2011-09-26 Thread Martin Poulsen
I have been playing around a little with the npppd daemon having setup a L2TP server for test and learning purposes. The connection is running in an IPsec tunnel and it works great and runs very fine when used on a local network. But I'm having problems when it comes to NAT. This is my setup:

We are already at 80% of the financing.

2011-09-26 Thread Manuel Martínez - President, Apps Capital
I am glad to tell you that we have now completed 80% of the financing for the development of the video game for iPhone, iPad, Android, PC and Mac that I have mentioned to you on a couple of occasions. We will close the entry of new partners this coming Friday at 14:00 peninsular time, unless it is completed

Re: NPPPD/L2TP IPsec problems

2011-09-26 Thread Matt S
I think you have to enable NAT Traversal in your ipsec.conf file. Check the man page on that one. You could try this but I am not sure it will work. ike passive from any (public-ip) to any ..

Re[2]: Load Balance Outgoing Traffic

2011-09-26 Thread pavel pocheptsov
On 26 September 2011, 19:50, Gonzalo L. R. gonz...@x61.com.ar wrote: Maybe you can use trunk(4) so, I need this: # ifconfig trunk0 trunkproto loadbalance trunkport fxp0 trunkport fxp1 \ trunkport fxp2 trunkport fxp3 \ 192.168.1.1 netmask 255.255.255.0 and

Good morning

2011-09-26 Thread ariel.cenizo

Re: pf behaviors

2011-09-26 Thread Michel Blais
One week and a half since my last mail without any answer :( Two weeks and a half since I first asked some questions about this problem also without any answer. :( Here a little part of pf faq Link : http://openbsd.org/faq/pf/filter.html#state ... if a packet passing through the firewall belongs to

Re: pf behaviors

2011-09-26 Thread Stuart Henderson
On 2011-09-26, Michel Blais mic...@targointernet.com wrote: So it really looks like a bug. When I erase state with pfctl -k x.x.x.x it should go through the ruleset again but don't do it for current transfer like a current download. This only erases the state in one direction..try: pfctl -k

Anybody else in San Jose for PgWest?

2011-09-26 Thread Jeff Ross
If so, drop me a line. Jeff Ross

10:19:04 MD1 electric wire-rope hoist 2011-9-27

2011-09-26 Thread Alice
Dear sir, We are the manufacturer of chain hoist and electric hoist in China. Our main products are HSZ/HSC/VT chain hoist. VT lever block. CD1/MD1/BCD electric wire-rope hoist and DHL/HHB electric chain hoist. and crane scale 9512851 We have CE certificate for our hoist and they are sold

mailing list manager recommendation for smtpd?

2011-09-26 Thread Josh Grosse
I have made the switch to smtpd, and I am thrilled with its ease of use and ease of management in comparison to sendmail. I also run a small moderated mailing list, and am looking for a replacement for mail/majordomo that will integrate with smtpd. Majordomo requires both Commands and Include

npppd as L2TP client

2011-09-26 Thread Matt S
Is it possible to use npppd as an L2TP client or in a configuration where both vpn endpoints are OpenBSD based? Thank you in advance.