Re: ipchains too old?

From: Bruno Wolff III (bruno@cerberus.csd.uwm.edu)
Date: 06/06/02


From: Bruno Wolff III <bruno@cerberus.csd.uwm.edu>
Date: 6 Jun 2002 20:18:29 GMT

In article <5c54b98.0206060920.4fd342ed@posting.google.com>, cam wrote:
>
> I realise that there is probably not a lot more I can do apart from
> get a firewall in place and set up snort or some other nids to keep an
> eye on it. My question is whether ipchains is still valuable or is it
> simply too old to bother with? I have to stick with the 2.2 kernel so

IPChains is still useful. It doesn't have the stateful stuff that iptables
has, but you can still block connections to ports that shouldn't be connected
to. This is helpful if you are running services for the benefit of the local
host but that are not intended to be available from other hosts.
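
The approach in the reply above, as an added example that is not part of the original post: a small generator for ipchains rules that keep local-only services unreachable from other hosts. The interface name `eth0` and the ports 111 and 6000 are constructed sample values, and the function name `gen_local_only_rules` is hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post.
# gen_local_only_rules IFACE PORT...
# Prints ipchains commands instead of running them, so the ruleset can be
# reviewed first; pipe the output to sh as root on the 2.2 host to apply it.
gen_local_only_rules() {
    iface=$1
    [ -n "$iface" ] && [ $# -ge 2 ] || {
        echo "usage: gen_local_only_rules IFACE PORT..." >&2
        return 2
    }
    shift
    # Validate every port before emitting anything, so a typo can never
    # produce a half-written ruleset.
    for port in "$@"; do
        case $port in
            ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
        esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || {
            echo "bad port: $port" >&2
            return 1
        }
    done
    # The services exist for the local host, so loopback is accepted first.
    echo "ipchains -A input -i lo -j ACCEPT"
    for port in "$@"; do
        # ipchains has no connection tracking. For TCP, -y matches packets
        # with SYN set and ACK/FIN clear, i.e. inbound connection attempts;
        # -l logs each denied packet through the kernel log.
        echo "ipchains -A input -i $iface -p tcp -y -d 0.0.0.0/0 $port -j DENY -l"
        # UDP has no SYN bit, so without state the only option is to drop
        # every datagram addressed to the port.
        echo "ipchains -A input -i $iface -p udp -d 0.0.0.0/0 $port -j DENY -l"
    done
}

# Constructed sample: portmapper (111) and X11 (6000) on external eth0.
gen_local_only_rules eth0 111 6000
```

On a kernel with iptables the TCP rule would normally be replaced by a state match; the `-y` test is the stateless substitute available to ipchains.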
