Tagged "Firewall"

CVE-2023-4809: FreeBSD pf bypass when using IPv6

A few months ago, as part of our investigations on IPv6 security in the NetSecurityLab @ Sapienza University, we discovered a vulnerability that allows attackers to bypass rules in pf-based IPv6 firewalls in particular conditions. Let’s see some details of this vulnerability.

MikroTik RouterOS: how to use hostnames in firewall rules (instead of IP addresses)

Important note! Apparently now RouterOS supports hostnames in address lists (tested in 6.