Re: Broadcast packets

To: Jim Penny <jpenny@universal-fasteners.com>
Cc: debian-firewall@lists.debian.org
Subject: Re: Broadcast packets
From: Pedro Corte-Real <typo@netcabo.pt>
Date: Thu, 18 Oct 2001 19:53:22 +0100
Message-id: <EXCH01SMTP02SXdUjps0001bf12@smtp.netcabo.pt>
In-reply-to: <20011017183817.L24987@universal-fasteners.com>
References: <EXCH01SMTP01Q49LiIW0003f08a@smtp.netcabo.pt> <20011017183817.L24987@universal-fasteners.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> Good God man.  You do that!  You no longer have a firewall, (although
> Samba is better than Microsoft's stuff, by a long ways).
>
> Put a non-broadcast print server on your firewall, like lprng.  Filter
> it on the hot card.  Accept on the network side.
>
> Install a lpr on your windows boxes.  Don't put unnecessary broadcast
> based software on a firewall!
>

I drop every udp packet coming into the firewall from those ports and samba 
(by configuration) doesn't broadcast on those adresses. The setup is safe I 
just want to make it safer. And i'd like for it to not even be listening on 
that port. 

So now that the political "You shouldn't be doing this at ALL !!!!" kind of 
awnser is taken care off can anyone actualy awnser my question?

I asked if it was possible to hear broadcast packages without binding to 
0.0.0.0 (all interfaces) but to 192.168.1.0 instead. Anyone know?

Greetings from portugal

Pedro.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7zyUp2SBo0jBmgGARAgPGAKCzGlZuOAov2oJViZLARQ/vQdhB1gCfa1VW
W+Waaw/CDOyBxMRO3akpLbs=
=G5VJ
-----END PGP SIGNATURE-----

Reply to:

References:
- Broadcast packets
  - From: Pedro Corte-Real <typo@netcabo.pt>

Prev by Date: Broadcast packets
Next by Date: Re: Broadcast packets
Previous by thread: Broadcast packets
Next by thread: Re: Broadcast packets
Index(es):
- Date
- Thread