IPtables accept dest-IP other than the own

To: debian-user@lists.debian.org
Subject: IPtables accept dest-IP other than the own
From: Raphael Brunner <lilo-@gmx.ch>
Date: Tue, 21 Nov 2006 16:55:15 +0100
Message-id: <[🔎] 20061121155515.GA7164@neptun>
Reply-to: lilo-@gmx.ch

Dear Users

I use to control our Network wireshark on a hub. Now, to protect the
computer where wireshark is running, iptables is active. Now, my
question is, to collect the traffic, iptables must accept all the traffic.
Is it not dangerous to accept all IP's other than the own and drop only
the pakets with dest-ip to the IP of the Security-Box? Or are there some
known attacks? Ok, except flaws of wireshark, thats not possible to
protect. ;)

Thanks for your Ideas and opinions...
have a nice evening.
Raphael

Reply to:

Follow-Ups:
- Re: IPtables accept dest-IP other than the own
  - From: "srg krn" <srgqwerty@gmail.com>

Prev by Date: Re: xserver-xorg: recent upgrade blowed out my X server
Next by Date: Re: Delete Win 2K partition on Debian dual boot to re-use space.
Previous by thread: Re: Debian sub-menu gone from Gnome---Never mind!
Next by thread: Re: IPtables accept dest-IP other than the own
Index(es):
- Date
- Thread