Re: nmap 113/auth on shorewall
- From: Some Dude <somedude@xxxxxxxxxxx>
- Date: Thu, 22 Jun 2006 11:09:10 GMT
Stachu 'Dozzie' K. wrote:
On 17.06.2006, dshesnicky@xxxxxxxxx <dshesnicky@xxxxxxxxx> wrote:\|/
I didn't ask if you use any service from firewall. I asked if you useSomeone could be using either from inside the company
IRC or FTP _anywhere_.
through the firewall - why? I understand why your asking
No, you don't. FTP and IRC (often) use ident protocol to determine the
username on remote machine of connecting user (that is, on user's
machine). Try guess how long would be delay if you DROP packets and if
you REJECT them.
Every "how to build my first firewall" document teaches that.
but if it needs to be on I should see it in my configs. What
bothers me is that it shouldn't even be there, it makes me
wonder about shorewall to some extent.
I think what I will do is put a specific DROP rule on it to
if it changes anything.
-0-
/|\
A condescending puckered anus.
.
- References:
- nmap 113/auth on shorewall
- From: dshesnicky
- Re: nmap 113/auth on shorewall
- From: Moe Trin
- Re: nmap 113/auth on shorewall
- From: dshesnicky
- Re: nmap 113/auth on shorewall
- From: Stachu 'Dozzie' K.
- Re: nmap 113/auth on shorewall
- From: dshesnicky
- Re: nmap 113/auth on shorewall
- From: Stachu 'Dozzie' K.
- Re: nmap 113/auth on shorewall
- From: dshesnicky
- Re: nmap 113/auth on shorewall
- From: Stachu 'Dozzie' K.
- nmap 113/auth on shorewall
- Prev by Date: Setting Up Nat (Full cone, restricted...) using IPTABLES
- Next by Date: iptables only allowing tcp packets with PSH set
- Previous by thread: Re: nmap 113/auth on shorewall
- Next by thread: Re: nmap 113/auth on shorewall
- Index(es):
Relevant Pages
|
