spf and masquerading
Just two thoughts:
a) Statefull packet filtering would be quite senseless
if I applied it to a masquerading server because that would not allow
connections to hosts other than the firewall (exept I explicit programm
them). Right or wrong?
b) On a normal host, spf is only good to avoid opening all ports above
1023, right? But in case I deny connections (SYN-Flag) to those ports,
will it bring me any advantage?
Linux - the choice of the GNU generation. Join the Debian Project
Christian Hammers * Oberer Heidweg 35 * D-52477 Alsdorf * Tel: 02404-25624
50 3C 52 26 3E 52 E7 20 D2 A1 F5 16 C4 C9 D4 D3 1024/925BCB55 1997/11/01