On Wednesday 05 March 2008, Ted Unangst wrote:
> On 3/5/08, steve szmidt <[EMAIL PROTECTED]> wrote:
> > Looks like the malloc is addressed. Anything on the other attack vectors?
>
> Do you have a particular concern or are you asking for a 53 slide
> response presentation?
25 would be enough. :)
I know that there is a lot of ongoing work and I figured that you would be
quite familiar with what what Hawkes said, and would be able to say Oh yes,
we closed those doors three releases ago, or some such.
All the firewalls I build use OBSD, I tell my clients to buy it etc. Naturally
if there was some particular scenario which he discovered that had not been
resolved it's in my best interest to know about it. (I'm not concerned about
things that require physical access.)
Not being able to keep up with all that goes on I try to chase down those that
I do run into. Thus my question.
The only things I use on these is pf and ssh, so I'm not concerned over some
third party app with whatever holes in the app. However it is still not a
default config.
--
Steve Szmidt
"They that would give up essential liberty for temporary safety
deserve neither liberty nor safety."
Benjamin Franklin
