Subject: Re: r/o filesystem restrictions for firewall?
To: Todd Vierling <tv@wasabisystems.com>
From: Jon Lindgren <jlindgren@slk.com>
List: netbsd-help
Date: 10/24/2000 10:42:12

On Tue, 24 Oct 2000, Todd Vierling wrote:

> On Tue, 24 Oct 2000, Andrew Brown wrote:
> 
> : >If you're worried about that level of security, you could set up the
> : >kernel part of IP filter so that it only accepts the first load of
> : >rules.  Same for ifconfig, and so on.  The list goes on.  This is one
> : >of the reasons we like Open Source(TM) systems!
> : 
> : theoretical secure level three?
> 
> Eh... more granularity of "securelevel".  In sysctls.  :)

Not to bug you, but anything of interest which you know about now?  I've
done some grokking in there, but I have to admit there are some strange
ones which I can't guess about (most of which probably don't have anything
to do with what I'm looking for, but...):

kern.fscale
net.inet.icmp.errppslimit (what kind of errors is it limiting?)
net.inet.tcp.cwm

Again, they may have absolutely nothing to do with what I need, but I'm an
inquiring mind ;-)

-Jon
 --------------------------------------------------------------------
 "Trout are freshwater fish, and have underwater weapons."
 "Zing, zing zing zing!"
 "Keep away from the trout."
 -- The opinions expressed are not necessarily those of my employer --
 "Who stole my lawn?"