Firstly, I wonder if people are aware of this? "If an attacker can establish an FTP connection passing through a Linux 2.4.x IPTables firewall with the state options allowing 'related' connections (almost 100% do), he can insert entries into the firewall's RELATED ruleset table allowing the FTP Server to connect to any host and port protected by the firewalls rules, including the firewall itself...."
Check out this link: http://www.tempest.com.br/advisories/01-2001.html Secondly, what is the best way to circumvent this flaw? Does the 2.4.3 kernel fix it; because I noted that there were a couple of new modules in it for iptables? Thirdly, If I don't have an ftp server on my computer then does that mean that it won't affect me? Assuming that all users on my side of the firewall are totally trusted. Thanks. Mark.
