Focus on Apple
Apple releases Mac OS X v10.5.1 with Application Firewall security updates - Nov 15 2007 07:11PM - Todd Woodward (todd_woodward symantec com) (1 reply)
Application Firewall security updates - Nov 15 2007 08:08PM - Radoslav Dejanović (radoslav dejanovic opsus hr) (4 replies)
Re: Application Firewall security updates - Nov 21 2007 03:00PM - Dave Piscitello (dave corecom com) (2 replies)
Re: Application Firewall security updates - Nov 21 2007 09:27PM - Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (3 replies)
RE: Application Firewall security updates - Nov 21 2007 10:43PM - Todd Woodward (todd_woodward symantec com)
RE: Application Firewall security updates - Nov 15 2007 09:55PM - Todd Woodward (todd_woodward symantec com)
Re: Application Firewall security updates - Nov 15 2007 09:51PM - Dave Schroeder (das doit wisc edu) (3 replies)
Re: Application Firewall security updates - Nov 15 2007 11:36PM - Mark Senior (senatorfrog gmail com) (3 replies)
Re: Application Firewall security updates - Nov 17 2007 02:54PM - Chris Pepper (pepper reppep com) (1 reply)
Re: Application Firewall security updates - Nov 16 2007 11:03AM - Radoslav Dejanović (radoslav dejanovic opsus hr) (2 replies)
Re: Application Firewall security updates - Nov 16 2007 04:34PM - Derek Chesterfield (dez mac com) (1 reply)
Re: Application Firewall security updates - Nov 16 2007 04:47AM - Derek Chesterfield (dez mac com) (2 replies)
Re: Application Firewall security updates - Nov 15 2007 10:08PM - Radoslav Dejanović (radoslav dejanovic opsus hr)
On 17.11.2007, at 15:54, Chris Pepper wrote:
>> All this is an improvement, but IMO it's still not actually good. The big
>> improvement one is configd - I gave up on writing a stateful ipfw filter
>> for DHCP, because the request goes out to the broadcast, but the response
>> is from a non-broadcast source. Application awareness is a nice one here
>
> I just realized I had blocked DHCP; this is letting it work, but I haven't
> done much testing yet:
>
> # Allow DHCP responses (DHCP broadcasts, which seems to defeat
> # keep-state).
> add 800 allow udp from any to any src-port 67 dst-port 68 in
Maybe you don't want to allow everyone to play DHCP Server for your box.
# if you know all your DHCP servers, list them here (bash array; the
# original used zsh-style ${#DHCP} and $DHCP[$i], which bash, the default
# shell on Mac OS X, does not understand)
DHCP=(192.168.0.1 10.0.0.1)
# DHCP ruleset: rules 2001.. for the outbound broadcast, 2011.. for the
# inbound reply from each listed server
i=0
while [ $i -lt ${#DHCP[@]} ] ; do
    # DISCOVER/REQUEST: client port 68 to the limited broadcast, server port 67
    /sbin/ipfw add $((2001 + i)) allow log udp from me 68 to 255.255.255.255 67 out
    # OFFER/ACK from a listed server only; the destination stays "any" because
    # the reply may be unicast to the leased address or broadcast
    /sbin/ipfw add $((2011 + i)) allow log udp from ${DHCP[$i]} 67 to any 68 in
    i=$((i + 1))
done
Greets,
Sandor Szücs
--
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
iD8DBQFHQYipZq/O2MMUFDsRAm3cAJ45ScvkDJb0n8lLJZpRVFlnhSfOjACgmdcA
FCEdDdkurK1GQtS1nupTOZg=
=Ynft
-----END PGP SIGNATURE-----
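As an added illustration (not part of the thread above, and not Sandor's or Chris's code), here is a portable sh version of the same idea that goes a little further than the posted ruleset: it validates each server address, covers the unicast REQUEST a renewing client sends straight to its lease's server (the posted rules only allow the broadcast path), and ends with a logged deny so that offers from any other host show up in the ipfw log instead of silently disappearing into the default policy. The rule numbers from 2000 onwards, the helper names is_ipv4, dhcp_ruleset and apply_dhcp_ruleset, and the servers 192.168.0.1 and 10.0.0.1 used below are assumptions for illustration.

```sh
#!/bin/sh
# Added example, not code from the original thread. Emits an ipfw ruleset
# that lets this box talk DHCP only with an allowlist of servers and logs
# anything else that claims to be one. Rule numbers from 2000 onwards and
# the helper names are assumptions for illustration.

# is_ipv4 ADDR: succeed only if ADDR is a dotted quad with octets 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, non-digit, or bad dots
    esac
    # Split on dots; the case above guarantees only digits remain.
    set -- $(printf '%s\n' "$1" | tr '.' ' ')
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# dhcp_ruleset SERVER...: print one "add ..." line per rule, in order.
# Fails (exit 1) if any SERVER is not a valid IPv4 address.
dhcp_ruleset() {
    [ $# -ge 1 ] || { echo "usage: dhcp_ruleset SERVER..." >&2; return 2; }
    for srv in "$@"; do
        is_ipv4 "$srv" || { echo "bad DHCP server address: $srv" >&2; return 1; }
    done
    n=2000
    # DISCOVER/REQUEST leave client port 68 for the limited broadcast, port 67.
    echo "add $n allow log udp from me 68 to 255.255.255.255 67 out"
    for srv in "$@"; do
        n=$((n + 1))
        # OFFER/ACK/NAK from a trusted server. The reply may be unicast to
        # the leased address or broadcast, so the destination stays "any".
        echo "add $n allow log udp from $srv 67 to any 68 in"
        n=$((n + 1))
        # A renewing client sends its REQUEST unicast to the lease's server.
        echo "add $n allow log udp from me 68 to $srv 67 out"
    done
    n=$((n + 1))
    # Anyone else answering from port 67 is a rogue (or at least unexpected)
    # DHCP server: log it and drop it.
    echo "add $n deny log udp from any 67 to any 68 in"
}

# apply_dhcp_ruleset SERVER...: load the generated rules into the live
# firewall, one ipfw invocation per rule. Needs root on Mac OS X.
apply_dhcp_ruleset() {
    rules=$(dhcp_ruleset "$@") || return $?
    printf '%s\n' "$rules" | while read -r rule; do
        # $rule is unquoted on purpose: ipfw wants the words as separate args.
        /sbin/ipfw -q $rule
    done
}

# Example: print the rules for two assumed servers without touching ipfw.
dhcp_ruleset 192.168.0.1 10.0.0.1
```

dhcp_ruleset only prints, so the rules can be reviewed before apply_dhcp_ruleset hands them to /sbin/ipfw. The allow rules are numbered below the final deny, so a legitimate OFFER still gets through; what the deny catches, and logs, is exactly the traffic the earlier rules did not vouch for, which is the "everyone can play DHCP server" case Sandor is warning about.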