[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [suse-security] Firewall Check



>--> A router cannot detect which program sent the package. It can deny
>access to certain IP ranges and/or certain port ranges.

Not tru for all routers.
Cisco routers have an add in feature to the IOS called NBAR
(Network Based Application Recognition)
Which allows you to set up ACL's, CAR, traffic shaping etc based on the
application type.

Makes blocking things like kazaa and gnutella very very simple.
No reason why you couldn't use it to weed out traffic that is not deemed
wholesome.

B


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here