Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Security Operating Systems BSD

OpenBSD's Packet Filter Gains OS Fingerprinting 18

Posted by CowboyNeal from the no-more-amigas-on-my-networks dept.
basilpronoun writes "The PF packet filter / firewall that comes with OpenBSD has just been improved to allow firewalling decisions to take place based not only on the source of a connection, but the operating system of that source. There are both good and evil applications, not the least of which is blocking the spam from infected Windows machines."
This discussion has been archived. No new comments can be posted.

OpenBSD's Packet Filter Gains OS Fingerprinting More

OpenBSD's Packet Filter Gains OS Fingerprinting

Comments Filter:

  • This is slick! (Score:2, Funny)

    by j0nkatz ( 315168 ) *
    Block those bastard Windows users!!!

  • Many uses (Score:5, Funny)

    by Hungus ( 585181 ) on Thursday August 21, 2003 @09:42PM (#6761190) Journal
    I like this, amongst other things it will allow me to prevent non HIPAA compliant OSs from accessing my medical sites. After all how many physcians know how to spoof ethernet packets?

    Now where did I put that openBSD box?
  • This is one of those features that would have NEVER made it into the kernel if we were still using ipf.
  • almost reason enough to move my firewall over... or see if someone will port it to linux...

    Either way, i could see some fun uses for this...

  • Worm warning (Score:3, Interesting)

    by ptaff ( 165113 ) on Friday August 22, 2003 @03:49AM (#6762881) Homepage
    Then if there is a Windows worm in the wild, all OpenBSD routers on the net can redirect the Windows traffic to windowsupdate.com ...?

    • Re:Worm warning (Score:3, Insightful)

      by pmz ( 462998 )
      all OpenBSD routers on the net can redirect the Windows traffic to windowsupdate.com ...?

      Perhaps better would be to redirect to a warning page that takes the user to their intended website after a few seconds. Simply going to windowsupdate.com would frustrate people who consciously leave their computers unpatched for various valid reasons (Windows Update is a genuine risk in itself).
      • Perhaps better would be to redirect to a warning page that takes the user to their intended website after a few seconds.

        But no one would see the page since the worm is not a web browser, it just sends out HTTP commands similiar to the way a web broweser does.

  • be nice (Score:2, Interesting)

    by muirhead ( 698086 )
    From the article:
    Or maybe I think SCO sucks sweaty monkey balls and their customers should be redirected to a web page of ranting and ravings about why they should cancel their contracts or somesuch.
    Okay, so they made a mistake, be nice.
    Don't you think that SCO's customers are suffering enough already?

    • Re:be nice (Score:2, Funny)

      by Anonymous Coward
      NO!
    • SCO has customers? IIRC, SCO made money for the first time in their history the last 2 quarters. Before M$ started pouring in money, SCO never turned a profit.

      Technically SCO didn't develop anything that they sell right now. SCO Unix (and project Monterrey) came from old SCO, which became Tarantella. SCO/Caldera just bought it from them. Old SCO had customers, New SCO has lawsuits.

Slashdot Top Deals

What is wanted is not the will to believe, but the will to find out, which is the exact opposite. -- Bertrand Russell, "Skeptical Essays", 1928

Close