Re: [masq] FTP and firewalls

Clifford Hammerschmidt (chammers@pim.bc.ca)
Thu, 28 Jan 1999 09:11:56 -0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Tim Fletcher: "Re: [masq] FTP and firewalls"
Previous message: Avery Pennarun: "Re: DHCP client from ROOT Floppy"

>
>ipchains -A input -j ACCEPT -y -p tcp -s 0.0.0.0/0 20 -d yourip 1024:65535

um, why bother running the firewall then? This is also the same an -P input
ACCEPT... your allowing anyone to connect from their port 20 (easy enough
to spoof) to your box on any port above 1023... not a great idea. Someone
using NMap could scan all your upper ports easily.

Is it that hard to type PASSIVE?

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu

Next message: Tim Fletcher: "Re: [masq] FTP and firewalls"
Previous message: Avery Pennarun: "Re: DHCP client from ROOT Floppy"