Re: Question about ipchains
On Tue, Mar 27, 2001 at 09:41:49AM -0800, Tom Marshall wrote:
> > > > protocols that require incoming connections are lame anyway
> > >
> > > unfortunatly many do this.
> > not so many... active ftp, irc/dcc... some online gaming thingies...
> > more?
>
> Pretty much any peer-peer program (irc/dcc is just the best example of it).
> For example, all IM apps that I am aware of need incoming connections for
> certain features like file transfers and voice chat.
don't use that features if you care about security, (l)icq has some
firewalling options, like restricting to use a specified port, you can
accept only that port...
if programs require that i accept all incoming connections to high
ports, like active ftp does, and there's no solution like the
statefulnes of 2.4, i simly don't use that protocols, at least, not at
work
BTW: msn messenger (sorry) works fine thru a http proxy, even file
transfers (i don't use it)
--
,-------------------------------------------.
> Name: Alson van der Meulen <
> Personal: alson@linuxfreak.nl <
> School: alson@gymnasiumleiden.nl <
`-------------------------------------------'
System coming down in 0 min....
---------------------------------------------
Reply to: