[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Is it iptables enough?



Thanks Ralf.

Definitely, mac spoofing is quite hard, isn't?

Can iptables be cracked? What vulnerabilites exist regarding iptables?


----- Original Message ----- 
From: "Ralf Ronneburger" <ralf@xxxxxxxxxxxxxx>
To: <suse-security@xxxxxxxx>
Sent: Monday, February 02, 2004 11:01 AM
Subject: Re: [suse-security] Is it iptables enough?


> Hi there,
>
> it must be clear to you, that there is never a 100% security, that's why
> actually nothing is "enought". It depends on how valuable your
> information is, but for normal use iptables will be sufficient to
> restrict access to a known IP. Just be aware that a lot of rules can be
> circumvented by IP-Spoofing or false MAC-addresses, but on the other
> side that is not easy to do either.
>
> Greetings,
>
> Ralf
>
> isofroni@xxxxxxxxx wrote:
>
> >I want to strength the secure as much as possible.
> >For example i want nobody can send a packet (tcp, icmp, udp, ...) to my
machine
> >except a known ip (say 10.10.10.1)
> >
> >Is iptables sufficient then, or can be cracked with an itelligent
software?
> >
> >
> >
>
>
>
> -- 
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
>



-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here