This repository has been archived by the owner on Sep 27, 2023. It is now read-only.
Suggestion: if not fortify, monitor changes to packet filter firewall. #29
Comments
geoff-nixon
changed the title
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I'd like to strongly suggest that the
pfsettings be verified for tampering. It is extremely easy (like, by using 17.0.0.0/8 signed software and exporting a variable) to modify it. The socket/application firewall is deprecated (and I believe can be bypassed?) since the introduction of the packet filter.The text was updated successfully, but these errors were encountered: