[lug] logger entry for punching hole for nameserver
David Trowbridge
jupiter at flatirons.org
Tue Apr 24 09:37:38 MDT 2001
Hi - I'm new to the list. I'd like to point out a possible problem (that
most probably already know about) and ask a question.
First, iptables (in its default distribution) has a fairly serious
security hole. Most firewalls are configured to utilize the RELATED state,
but if a person can get an FTP connection, they can add rules to your
firewall. There's an advisory on securityfocus and a netfilter patch for
the kernel.
Second, does rh7.1 come with 2.4.2? I haven't yet had time to download the
images.
Nice to find a new mailing list with interesting people,
-David
-------------------
David Trowbridge
jupiter at flatirons.org
http://jupiter.babylonia.flatirons.org
"Base 8 is just like base 10 really...if you're missing two fingers"
On Tue, 24 Apr 2001 charles at lunarmedia.net wrote:
> >
> > I haven't seen it before. What kernel version is it? I wonder if it is
> > maybe something new with 2.4.x iptables. A search on google for
> > "punching nameserver" didn't get anything.
> >
>
> yeah, this was a new one one me. i am running 2.4.2, however
> i am using ipchains rulessets rather than ones written for
> iptables. its a brand new install of rh7.1
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>
More information about the LUG
mailing list