[lug] logger entry for punching hole for nameserver

David Trowbridge jupiter at flatirons.org
Tue Apr 24 09:37:38 MDT 2001


Hi - I'm new to the list. I'd like to point out a possible problem (that
most probably already know about) and ask a question.

First, iptables (in its default distribution) has a fairly serious
security hole. Most firewalls are configured to utilize the RELATED state,
but if a person can get an FTP connection, they can add rules to your
firewall. There's an advisory on securityfocus and a netfilter patch for
the kernel.

Second, does rh7.1 come with 2.4.2? I haven't yet had time to download the
images.

Nice to find a new mailing list with interesting people,
-David

-------------------
David Trowbridge
jupiter at flatirons.org
http://jupiter.babylonia.flatirons.org

"Base 8 is just like base 10 really...if you're missing two fingers"

On Tue, 24 Apr 2001 charles at lunarmedia.net wrote:

> >
> > I haven't seen it before. What kernel version is it? I wonder if it is
> > maybe something new with 2.4.x iptables. A search on google for
> > "punching nameserver" didn't get anything.
> >
>
> 	yeah, this was a new one on me. i am running 2.4.2, however
> 	i am using ipchains rulesets rather than ones written for
> 	iptables. it's a brand new install of rh7.1
>
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>



