[off topic] poor firewall (was Re: [Snort-users] Strange traffic?)

Jyri Hovila jyri.hovila at ...2940...
Wed Sep 26 10:33:03 EDT 2001


Hi!

>I know it is not directly relationed to snort but I got worried when
Erek
>mensioned "poor configured firewalls".
>Where could I find some information about *GOOD* IPChains rules and
what
>exploit are they for.

First of all, you might want to upgrade the kernel of your Linux
firewall to version 2.4.x and start using iptables instead of ipchains.
Ipchains is not capable of stateful firewalling so it's really a bit
outdated piece of software now. Rule syntax of iptables is very similar
to ipchains, so it souldn't be too difficult to learn.

Check out these:

iptables/netfilter project home page
(netfilter is iptable's other name...=)

	http://netfilter.samba.org/

usage/configuration guides

	http://people.unix-fu.org/andreasson/index.html
	
http://www.yolinux.com/TUTORIALS/LinuxTutorialNetworkGateway.html

Linux kernel archives

	http://www.kernel.org/


Hope this helps you!

Yours,

Jyri

Information Security Specialist
E-mail: jyri.hovila at ...2940...

Certifications:
http://www.brainbench.com/transcript.jsp?pid=2301241





More information about the Snort-users mailing list