Currently IP-MasQ As I am on a dial-up and only have one external (dymanically assigned IP addy) THe server that actas as proxy is still running drake 7.2 but will be migrated to SuSE shortly. If ya diecide to use IP masq there's a wonderful little utility available to guides you through setup called pm firewall. Lemme know if yacan't find It as I' can email it to ya. Harold
From: Ashley <ashleyg@dnai.com> To: suse-security@suse.com Subject: Re: [suse-security] trojan question Date: Thu, 12 Apr 2001 15:04:22 -0700 MIME-Version: 1.0 Received: from [202.58.118.3] by hotmail.com (3.2) with ESMTP id MHotMailBC9FE20B007F4004325BCA3A7603127F0; Thu Apr 12 23:04:59 2001 Received: (qmail 16912 invoked by alias); 13 Apr 2001 06:04:35 -0000 Received: (qmail 16905 invoked from network); 13 Apr 2001 06:04:35 -0000 From suse-security-return-6637-ambrosius1972 Thu Apr 12 23:05:52 2001 Mailing-List: contact suse-security-help@suse.com; run by ezmlm Precedence: bulk X-No-Archive: yes list-help: <mailto:suse-security-help@lists.suse.com> list-unsubscribe: <mailto:suse-security-unsubscribe@lists.suse.com> list-post: <mailto:suse-security@suse.com> X-Mailinglist: suse-security Delivered-To: mailing list suse-security@lists.suse.com Message-ID: <20010412150421.A23452@rose.ashnet> Mail-Followup-To: suse-security@suse.com References: <000001c0c350$c4dc0f10$b400000a@host.belfin.com> <00d501c0c3a0$738a48c0$3200030a@seifried.org> User-Agent: Mutt/1.3.12i In-Reply-To: <00d501c0c3a0$738a48c0$3200030a@seifried.org>; from listuser@seifried.org on Thu, Apr 12, 2001 at 04:32:25PM -0600
I'm starting to explore proxies. I'm curious which application level proxies you are using.
Simple:
If your firewall is like mine then only packets going out to port 25,
On Thu, Apr 12, 2001 at 04:32:25PM -0600, Kurt Seifried wrote: port 80,
etc are allowed, thus a trojan is less likely to be able to connect out (since they use ports like 31337 and so on). Plus since my firewall runs application level proxies for www/ftp, email, etc about the only protocol I allow my internal machines to do outbound is 22 (ssh), which makes keeping tabs on what is going on very easy.
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- -ashley
One of these days I'm going to completely organize my life.
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
_________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com
participants (1)
-
Harold !