iptables stateful matching security
I have written a firewall for the company I work for, which uses stateful
packet matching. I have this question: Is it safe/secure/wise to do this?
For instance, if I require no one from the outside to connect to the local
Linux box, would I be safe doing "iptables -A INPUT -m state --state
ESTABLISHED,RELATED -j ACCEPT" followed by "iptables -A INPUT -j DROP"?
Can I be reasonably assured that my box is secure using this firewall and
keeping up with the latest 2.4 kernels? (of course, I am running
tripwire, and have a minimal set of users and services running on the
box).
Thank you for helping me clear up this point of confusion between my
colleagues and me....
--
Q: How many Microsoft support staff does it take to change a light bulb?
A: Four. One to ask "What is the registration number of the light bulb?", one
to ask "Have you tried rebooting it?", another to ask "Have you tried
reinstalling it?" and the last one to say "It must be your hardware because
the light bulb in our office works fine..."
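
A simplified model of how the two rules quoted in the post evaluate inbound packets, added here as an example and not part of the original message. The `Conntrack` class, the addresses and the packets are constructed assumptions and do not reproduce netfilter's real state machine; the model also shows that a new connection over loopback reaches the DROP rule.

```python
from collections import namedtuple

# icmp_ref: for an ICMP error, the flow tuple quoted in its payload
Pkt = namedtuple("Pkt", "src sport dst dport proto icmp_ref", defaults=(None,))

class Conntrack:
    """Toy connection tracker (assumption, not netfilter code)."""
    def __init__(self):
        self.flows = set()  # original-direction tuples that left the box

    def outbound(self, p):
        self.flows.add((p.src, p.sport, p.dst, p.dport, p.proto))

    def state(self, p):
        """State that an INPUT rule would match for packet p."""
        if p.icmp_ref is not None:
            return "RELATED" if p.icmp_ref in self.flows else "INVALID"
        reverse = (p.dst, p.dport, p.src, p.sport, p.proto)
        return "ESTABLISHED" if reverse in self.flows else "NEW"

# The two rules from the post, in order; None means "match any state".
RULES = [({"ESTABLISHED", "RELATED"}, "ACCEPT"), (None, "DROP")]

def verdict(ct, p):
    st = ct.state(p)
    for states, target in RULES:  # first matching rule wins
        if states is None or st in states:
            return st, target

def demo():
    box, web, other, router = "192.0.2.10", "198.51.100.7", "203.0.113.9", "192.0.2.1"
    ct = Conntrack()
    out = Pkt(box, 40000, web, 80, "tcp")
    ct.outbound(out)                       # the box opens a connection
    lo = Pkt("127.0.0.1", 40001, "127.0.0.1", 25, "tcp")
    ct.outbound(lo)                        # local client talks to a local service
    return {
        "reply":       verdict(ct, Pkt(web, 80, box, 40000, "tcp")),
        "unsolicited": verdict(ct, Pkt(other, 51000, box, 22, "tcp")),
        "icmp_error":  verdict(ct, Pkt(router, 0, box, 0, "icmp", tuple(out[:5]))),
        "stray_icmp":  verdict(ct, Pkt(other, 0, box, 0, "icmp",
                                       (box, 1, other, 2, "tcp"))),
        "loopback":    verdict(ct, lo),    # same packet arriving on INPUT via lo
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:12} {result}")
```
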