Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Is it time to block all Microsoft protocols in the core?

  • From: Steven M. Bellovin
  • Date: Tue Jan 28 18:14:08 2003

In message <20030128222210.GA84278@pit.databus.com>, Barney Wolff writes:
>
>On Wed, Jan 29, 2003 at 03:50:34AM +0545, Joe Abley wrote:
>> 
>> On Wednesday, Jan 29, 2003, at 01:25 Asia/Katmandu, Joe Abley wrote:
>> 
>> >On FreeBSD, NetBSD, OpenBSD and Darwin/Mac OS X (the only xterms I 
>> >happen to have open right now) this is not the case, and has not been 
>> >for some time. I presume, perhaps na?vely, that other operating 
>> >systems have done something similar.
>> 
>> This is not right. Guess I was typing "man" in the wrong xterms.
>> 
>> FreeBSD (4.x, 5.x) listens to the network by default (and can be 
>> persuaded not to with a "-s" flag). NetBSD (1.6) does the same.
>
>You were right the first time, at least for FreeBSD.  The "-s" flag
>is applied by default - see /etc/defaults/rc.conf .  Not quite as
>idiot-proof as a compiled-in default, but way better than defaulting
>to listening.

The same is true of NetBSD 1.6; look in the same place.


		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.