Linked by Thom Holwerda on Wed 20th Sep 2006 21:03 UTC, submitted by Jason Dixon
OpenBSD Pre-orders for OpenBSD 4.0 are now available in the online store. Five architectures on three CDs in a soft-shell DVD case. Check out the highlights of OpenBSD 4.0. This new release adds support for many wireless chipsets, as well as support for the UltraSPARC III, and much, much more.
Permalink for comment 164222
To read all comments associated with this story, please click here.
RE[2]: Try it
by tomfitzyuk on Thu 21st Sep 2006 12:20 UTC in reply to "RE: Try it"
tomfitzyuk
Member since:
2006-01-25

--- On a workstation I don't see why this matters in any way. ---
Despite how it's just a workstation, doesn't mean I'm going to want it much less secure than that of a server. I would prefer to have one outgoing port open for FTP rather than 20,000.

--- On a firewall you'd use ftp-proxy for this. Well, you could probably use ftp-proxy on a workstation too but why bother? ---
I know ftp-proxy would be used for a firewall, to allow machines behind the firewall to use FTP properly; however, ftp-proxy doesn't allow the actual machine with PF (be that a firewall machine, or a workstation with PF) to access FTP properly.

I tried redirecting packets from 127.0.0.1 port 21 to 127.0.0.1 port 8021 (the port on which ftp-proxy listens) but this never worked.

I know it's not much of a problem, I'd just prefer to only have the neccessary ports open.

As to why I'm running PF on a workstation, I'm going to uni in a week and they only allow one computer connected to their network, meaning no firewall machine... and since I need a firewall, it must be on the workstation.

Reply Parent Score: 1