Milter-greylist

13 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2016�\u0433. 19:26:59 CEST, "Bob Friesenhahn bfriesen@... [milter-greylist]" <milter-greylist@yahoogroups.com> \u043f\u0438\u0448\u0435\u0442:
>On Mon, 12 Sep 2016, Jim Klimov jimklimov@... [milter-greylist]
>wrote:
>>
>> We use p0f (3.06b, 3.08b iirc is last) coerced to compile under 
>> solarish oses that we use (tweaks should be on my github). Depending 
>> on platform release we had libpcap issues that it processed packets 
>> by larger buffers at once, so p0f might not yet have answers when 
>> needed.
>
>Does using the p0f feature increase the opportunity for a security 
>weakness so it is more likely that the host machine can be 
>compromised?
>
>Can it work in VMs, containers, or Solaris zones, which are not 
>allowed access to raw packets due to network security concerns?
>
>Bob

In VMs we had a problem that it detected the hypervisor's OS as the local one (e.g. thinking it was windows while it was a solaris in virtualbox), but I think proper bridging maybe over a dedicated nic solved that.

Jim
--
Typos courtesy of K-9 Mail on my Samsung Android