From: "Aldo S. Lagana" <alagana@discmail.com>
To: 'Ralph Churchill' <mrchucho@yahoo.com>, netfilter@lists.netfilter.org
Subject: RE: simply confusing
Date: Thu, 23 Jan 2003 15:31:55 -0500
Message-ID: <000401c2c31e$78424780$3864a8c0@discmail.com>
In-Reply-To: <20030123200314.99399.qmail@web11401.mail.yahoo.com>

That is a bit vague... For instance, if the clients' gateways are other
boxes/routers/firewalls, and your attacked client is on the same LAN as
the attackers, then your little firewall will do little to filter those
packets. What's your infrastructure? In other words, does your
'attacked' client reside on a separate NIC off the little firewall and
you are forwarding to it? If so, you need to filter on the FORWARD
chain, etc.

To make a sound and viable isolated network off of a firewall, it should
reside on its own NIC, and the firewall will filter packets as they get
passed from NIC to NIC or network to network.

Check out the iptables tutorial for more info:
http://iptables-tutorial.haringstad.com/iptables-tutorial.html

> -----Original Message-----
> From: netfilter-admin@lists.netfilter.org 
> [mailto:netfilter-admin@lists.netfilter.org] On Behalf Of 
> Ralph Churchill
> Sent: Thursday, January 23, 2003 3:03 PM
> To: netfilter@lists.netfilter.org
> Subject: simply confusing
> 
> 
> I work at a large company and was having some fellow
> employees regularly scanning my box... so I put up a
> little firewall. Here's my one and only rule:
> 
> iptables -A INPUT --source 192.168.0.0/16 -j DROP
> 
> Now, shouldn't that block any and ALL traffic from any
> computer on the 192.168.*.* subnet? Do I need to be
> more explicit? I also have snort running and I see
> some stuff getting through... Thanks.
> 
> RMC
> 
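
The chain distinction raised in the reply above, as an added example that is not part of the original thread: a simplified Python model of which filter chain a packet traverses, showing why an INPUT-only rule leaves forwarded and same-LAN traffic untouched. The two-NIC topology, all host addresses, and the FORWARD rule are constructed assumptions; NAT, bridging and the other tables are ignored.

```python
import ipaddress

# Constructed topology (assumption, not from the thread): a two-NIC firewall
# that is the gateway between an office LAN and an isolated network.
FIREWALL_IFACES = [
    ipaddress.ip_interface("192.168.1.1/24"),  # eth0: office LAN (scanners)
    ipaddress.ip_interface("192.168.2.1/24"),  # eth1: isolated network
]

def chain_for(src, dst, ifaces=FIREWALL_IFACES):
    """Filter chain a packet traverses on the firewall, or None if the
    packet is delivered on one LAN and never crosses the firewall."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    local = {iface.ip for iface in ifaces}
    if dst in local:
        return "INPUT"      # addressed to the firewall itself
    if src in local:
        return "OUTPUT"     # generated by the firewall itself
    if any(src in i.network and dst in i.network for i in ifaces):
        return None         # same LAN: host-to-host, firewall not in path
    return "FORWARD"        # routed from one NIC/network to another

def verdict(src, dst, rules, policy="ACCEPT"):
    """First matching (chain, source_net, target) rule wins, else policy."""
    chain = chain_for(src, dst)
    if chain is None:
        return "NOT SEEN"
    for rule_chain, source_net, target in rules:
        if (rule_chain == chain and
                ipaddress.ip_address(src) in ipaddress.ip_network(source_net)):
            return target
    return policy

# The single rule from the quoted message, then a constructed FORWARD rule.
INPUT_ONLY = [("INPUT", "192.168.0.0/16", "DROP")]
WITH_FORWARD = INPUT_ONLY + [("FORWARD", "192.168.1.0/24", "DROP")]

if __name__ == "__main__":
    scanner = "192.168.1.50"  # constructed addresses
    for dst in ("192.168.1.1", "192.168.2.10", "192.168.1.60"):
        print(dst, verdict(scanner, dst, INPUT_ONLY),
              verdict(scanner, dst, WITH_FORWARD))
```

The "NOT SEEN" case is the same-LAN situation from the reply: no rule on the firewall can affect it, so the filtering has to happen on the targeted host's own INPUT chain.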
