Change IPFW default to allow
Tim Daneliuk
tundra at tundraware.com
Sun Dec 9 18:37:47 UTC 2018
On 12/9/18 12:29 PM, Michael Sierchio wrote:
> Default to accept merely means that the default rule - rule 65535 - permits
> all traffic.
Also a good point.
The risk is directly proportional to how many open ports exist on the machine
in the first place. For many years I ran a NATDing boundary machine
with NO firewall. The very few things that were actually up and listening
were all managed via hosts.allow entries and THAT defaulted do Do Not Allow.
In over a decade of running this way, that machine was never even slightly
compromised...
--
----------------------------------------------------------------------------
Tim Daneliuk tundra at tundraware.com
PGP Key: http://www.tundraware.com/PGP/
More information about the freebsd-questions
mailing list