Thanks Ralf. Definitely, mac spoofing is quite hard, isn't? Can iptables be cracked? What vulnerabilites exist regarding iptables? ----- Original Message ----- From: "Ralf Ronneburger" <ralf@ronneburger.de> To: <suse-security@suse.com> Sent: Monday, February 02, 2004 11:01 AM Subject: Re: [suse-security] Is it iptables enough?
Hi there,
it must be clear to you, that there is never a 100% security, that's why actually nothing is "enought". It depends on how valuable your information is, but for normal use iptables will be sufficient to restrict access to a known IP. Just be aware that a lot of rules can be circumvented by IP-Spoofing or false MAC-addresses, but on the other side that is not easy to do either.
Greetings,
Ralf
isofroni@cc.uoi.gr wrote:
I want to strength the secure as much as possible. For example i want nobody can send a packet (tcp, icmp, udp, ...) to my machine except a known ip (say 10.10.10.1)
Is iptables sufficient then, or can be cracked with an itelligent software?
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here