List Archive: gentoo-security
Headers:
To: "Mickey Mullin" <mickey@...>, <gentoo-security@g.o>
From: "Thomas T. Veldhouse" <veldy@...>
Subject: Re: firewall suggestions?
Date: Thu, 8 Jan 2004 08:14:20 -0600
Mickey Mullin wrote:
> If by "firewall," you mean an application(Process ID?)-specific
> Internet security tool, then you may well have identified an as-yet
> unfulfilled need.  If you only mean to imply greater security in that
> connection attempts to closed ports appear invisible, then iptables
> already does that.
>
> In "closing" ports, one has the option - nay one is recommended - to
> use the "DROP" target which has the desired effect of which you speak.
> (Unwanted packets are simply and silently dropped upon the proverbial
> floor.)  There are, of course, cases where using, say, "REJECT" may be
> preferred - most notably if one is using one's Linux box to do some
> true grit routing (as when using multiple Internet service
> providers).  In those cases, if a neighboring router is trying to
> pass packets *through* one's area, one wants to let one's neighbor
> know as soon as possible that it should look elsewhere.
>
> dreamwolf

It is probably a very good idea to actually REJECT ident (113/tcp) lookups
rather than drop them.  It is very common to have reverse ident lookups due
to your activity, and a DROP will cause a delay that is not needed.  This
particular item is normal and not a security concern in and of itself.  As a
matter of fact, it is so common, it is good to not even log it.

Tom Veldhouse


--
gentoo-security@g.o mailing list
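
Added example, not part of the original thread or any poster's ruleset: the advice above (REJECT 113/tcp and keep it out of the log) written as an iptables-restore ruleset, with a small checker that walks the INPUT chain in order and reports what a new connection to port 113 hits first. The chain layout, the log prefix, the choice of `--reject-with tcp-reset`, and the function names `ident_ruleset` and `ident_verdict` are assumptions.

```shell
#!/bin/sh
# Added example. Only "REJECT 113/tcp and do not log it" comes from the
# message; the rest of the chain is an assumed default-deny layout.

# Ruleset in iptables-restore format. The ident rule sits ABOVE the
# catch-all LOG and DROP rules, so ident probes are answered at once
# (tcp-reset looks like an ordinary closed port) and never reach LOG.
ident_ruleset() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 113 -j REJECT --reject-with tcp-reset
-A INPUT -j LOG --log-prefix "fw-drop: "
-A INPUT -j DROP
COMMIT
EOF
}

# Reads a ruleset on stdin and prints "<verdict> logged=<yes|no>" for a new
# TCP connection to port 113 from outside. Simplified matcher (assumption):
# rules limited by interface, source, connection state, another protocol
# or another port are treated as not matching.
ident_verdict() {
awk '
BEGIN { logged = "no" }
/^:INPUT / { policy = $2 }
/^-A INPUT / && !done {
    target = ""; skip = 0
    for (i = 3; i <= NF; i++) {
        if ($i == "-j") { target = $(i + 1); break }
        if ($i == "-i" || $i == "-s" || $i == "--state" || $i == "--ctstate") skip = 1
        if ($i == "-p" && $(i + 1) != "tcp") skip = 1
        if ($i == "--dport" && $(i + 1) != "113") skip = 1
    }
    if (skip) next
    if (target == "LOG") { logged = "yes"; next }   # LOG does not end traversal
    verdict = target; done = 1
}
END { printf "%s logged=%s\n", (done ? verdict : policy), logged }
'
}

ident_ruleset | ident_verdict                              # with the ident rule
ident_ruleset | grep -v -e '--dport 113' | ident_verdict   # same chain without it
```

With the rule removed, the same probe falls through to the catch-all rules: it is logged and silently dropped, which is the delay and log noise the reply describes.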

Updated Jun 17, 2009