[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables: identify host with DSL/Fritzbox

On Tue, 20 Jan 2009 13:30:58 +0100
Sebastian Rose <sebastian_rose@gmx.de> wrote:

> >> I have the usual DSL access to the internet here:
> >> 
> >>   my_PC  --->  Fritzbox  --->  Internet --->  Server
> >> 
> >> which means I have a new IP all 24 hours.
> >> 
> >> Is there a way to identify my PC for iptables?
Maybe port knocking could be a solution for you.

> It would be better, to have different tactics for several groups of
> IPs. AFAIK IPs like mine, dynamic ones, are reassigned all 24 hours in
> germany (Telekom).  Maybe a second thread (or process) could do a
> `whois' for all IPs tracked, and assign the IPs an appropriate
> expiration date.
> [...]
> I noticed, that the `whois' for dynamic IPs has no `[Admin-C]'
> section. Could I depend on this fact?
Looks disproportionately difficult to me. Try to do security with
simplicity in mind. Every additional piece of code, configuration,
software, component increases the possibility of errors and failures.

PS: I don't use netfilters on personal servers.


Freundliche Gruesse/Best Regards
Benjamin Hackl

Media FOCUS Research Ges.m.b.H.
Maculangasse 8, 1220 Wien
Tel.-Nr.: +43 1 258 97 01-295

Attachment: signature.asc
Description: PGP signature

Reply to: