Re: ipchains too old?

From: Bruno Wolff III (
Date: 06/06/02

From: Bruno Wolff III <>
Date: 6 Jun 2002 20:18:29 GMT

In article <>, cam wrote:
> I realise that there is probably not a lot more I can do apart from
> get a firewall in place and set up snort or some other nids to keep an
> eye on it. My question is whether ipchains is still valuable or is it
> simply too old to bother with? I have to stick with the 2.2 kernel so

IPChains is still useful. It doesn't have the stateful stuff that iptables
has, but you can still block connections to ports that shouldn't be connected
to. This is helpful if you are running services for benefit of the local
host but that are not intended to be available from other hosts.