>[EMAIL PROTECTED] writes:
>>The OS is definitely a copy of a OpenBSD 2.3, which can be readily
>>displayed if one uses nmap. Be careful, the version of OpenBSD NFR used
>>still has a buffer overflow problem.
>
Mark,
The kernel base is no longer pure OpenBSD2.3; we've been
selectively patching it from the later code base and our own
code base. So what nmap reports probably has very little to do
with what's actually going on under the hood.
Also, your mail seems to indicate that there was a buffer
overrun in OpenBSD that affected NFR. That's completely inaccurate.
There was a table sizing problem in NFR 4.0 (we're at release
level 4.1 now) that you managed to trigger - that wasn't even
a buffer overflow and, while regrettable, never threatened
the security of the system.
Regards,
mjr.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
