On Mon, Mar 26, 2001 at 08:01:34PM +0200, Alson van der Meulen wrote: > It accepts all other traffic to non-privileged ports. i prefer to > allow traffic without the syn flag (not initiating a new connection) > only, not all misc traffic, it's more secure, the way to do it is > like: > ipchains -A input -s 0/0 -d 0/0 1024:65535 -p tcp ! -y -j ACCEPT > ipchains -A input -s 0/0 -d 0/0 1024:65535 -p udp ! -y -j ACCEPT > unfortuantly this breaks irc, ftp and many other things. > Read the ipchains howto for more info > -- > ,-------------------------------------------. > > Name: Alson van der Meulen < > > Personal: alson@linuxfreak.nl < > > School: alson@gymnasiumleiden.nl < > `-------------------------------------------' > Nobody was using that file /vmunix, were they? > --------------------------------------------- > > > -- > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org > -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpqyP6_BvRcR.pgp
Description: PGP signature