Re: ipchains too old?From: Bruno Wolff III (firstname.lastname@example.org)
- Next message: Tony: "iptables and ftp problem"
- Previous message: Johannes Beekhuizen: "googlebot.com"
- In reply to: cam: "ipchains too old?"
- Next in thread: Thor Jansen: "Re: ipchains too old?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Bruno Wolff III <email@example.com> Date: 6 Jun 2002 20:18:29 GMT
In article <firstname.lastname@example.org>, cam wrote:
> I realise that there is probably not a lot more I can do apart from
> get a firewall in place and set up snort or some other nids to keep an
> eye on it. My question is whether ipchains is still valuable or is it
> simply too old to bother with? I have to stick with the 2.2 kernel so
IPChains is still useful. It doesn't have the stateful stuff that iptables
has, but you can still block connections to ports that shouldn't be connected
to. This is helpful if you are running services for benefit of the local
host but that are not intended to be available from other hosts.