On 13.03.2004 14:29 +0100, Huub Reuver wrote:
> Since I have a server running FreeBSD 4.9 Release I more or less
> follow the security advisories regularly.
> Since M0n0wall 1.0 came out at 02-15-2004 there has been one
> advisory about a remote DOS exploit. Is M0n0wall is also
> susceptible since little direct TCP connections can be made? (My
Only if you open the firewall itself up on the WAN side (not usually
necessary - not even if you use incoming NAT, but happens if you
enable PPTP VPN) - therefore I don't consider this a serious issue.
Nevertheless, the fix will be in the next release.
> box does not accept connections from the WAN interface, still it
> could be attacked from the inside.)
If there's the chance that somebody might attack your firewall from
the inside, then you've got bigger things to worry about than that
particular DoS exploit.