|
|
Here are some recent changes to FreeBSD current:
Dag-Erling Smorgrav has updated OpenSSH 3.8p1 to change some configuration defaults: the server no longer accepts protocol version 1 nor password authentication by default.
Max Laier has started importing OpenBSD's packet filter (pf) from it's port (security/pf). The kernel parts are done, though not linked to any automatic build. If you want to build it already, you can build from the corresponding module directories: sys/modules/{pf, pflog, pfsync}. Be sure to install new and modified headers.
Bruce M Simpson has just merged version 2.27 of rhyolite.com's routed into the tree.
[Read more]
-------------------------------------
To: current@freebsd.org
From: des@des.no (Dag-Erling Smorgrav)
Date: Thu, 26 Feb 2004 12:30:03 +0100
cc: security@freebsd.org
Subject: HEADS UP: OpenSSH 3.8p1
Take the usual precautions when upgrading.
Also note that I have changed some configuration defaults: the server
no longer accepts protocol version 1 nor password authentication by
default. If your ssh client does not support ssh protocol version 2
or keyboard-interactive authentication, the recommended measures are:
1) get a better client
2) get a better client (I mean it)
3) get a better client (for real this time!)
and as a last resort
4) enable procol version 1 and password authentication in sshd_config
DES
--
Dag-Erling Smorgrav - des@des.no
===
Date: Thu, 26 Feb 2004 05:34:18 +0100
From: Max Laier <max@love2party.net>
To: current@freebsd.org
cc: hackers@freebsd.org
cc: net@freebsd.org
Subject: HEADS UP: pf import
Hi,
we started importing OpenBSD's packet filter (pf) from it's port
(security/pf). The kernel parts are done, though not linked to any
automatic build. If you want to build it already, you can build from the
corresponding module directories:
sys/modules/{pf, pflog, pfsync}
Make sure to install new and modified headers.
User of the port should hold off until this is done. The port will no
longer build with the new headers installed! There is no userland in the
tree, yet!
This brings pf from OpenBSD 3.4 with the complete OpenBSD 3.4 function
set. It was tested from the port for a long time now and brings some
features that were not available to FreeBSD before. We have reports from
people successfully running the port (and a preliminarily version of the
changes committed now) on production-use firewalls and servers.
To get an idea of pf's power I suggest reading the OpenBSD FAQ about it:
http://www.openbsd.org/faq/pf/index.html
or if you prefer a summarize, check out the port status report:
http://www.freebsd.org/news/status/...Porting-OpenBSD's-pf
--
Best regards, | max@love2party.net
Max Laier | ICQ #67774661
http://pf4freebsd.love2party.net/ | mlaier@EFnet
===
Date: Wed, 25 Feb 2004 23:58:18 +0000
From: Bruce M Simpson <bms@spc.org>
To: freebsd-current@freebsd.org, freebsd-net@freebsd.org
Subject: HEADS UP: routed(8) source update
Hi,
I've just merged version 2.27 of rhyolite.com's routed into the tree.
If you track -CURRENT and use the MD5 authentication feature, note that
it is no longer compatible with previous versions of FreeBSD; however it
is now compatible with the Sun Solaris and Cisco implementations.
I have added a note about this to src/UPDATING.
Thanks,
BMS |
|
IP卡
狗仔卡
发表于 2004-3-11 14:51:08
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡