more stupid network questions
Tony Alfrey
tonyalfrey
Mon May 17 12:01:19 PDT 2004
On Monday 12 April 2004 11:08 am, David A. Bandel wrote:
> On Mon, 12 Apr 2004 09:29:01 -0700
>
> Tony Alfrey <tonyalfrey at earthlink.net> wrote:
> > On Monday 12 April 2004 08:44 am, David A. Bandel wrote:
> > <snip>
> >
> > > study away. What I did was to give you three stateful firewall
> > > rules that should prevent anyone from connecting on eth0 (change
> > > to whatever interface you use as your default gateway). I don't
> > > like the way the lines got changed, though. Each line starts
> > > with 'iptables' and ends with either ACCEPT or DROP.
> >
> > Yeah, I figured that out.
> > Sso I can add this to MY box regardless of what my friend has on
> > his firewall?
>
> Absolutely. Then no one will be able to connect to you. There is
> one more rule you could use, but it's only useful against scans so I
> omitted it. Personal firewalls are always a good defense, but the
> commercial ones like BlackIce, etc., I don't trust. I trust
> Firewall-1 (but it's a bit pricey and designed for high-end
> connections) and I trust Netfilter/IPTables.
Why would I not want to use something useful against scans? Isn't that
a major part of the firewall thing?
<snip>
--
Tony Alfrey
tonyalfrey at earthlink.net
"I'd rather be sailing"
More information about the Linux-users
mailing list