> I was wondering if IPTables defeat http tunnelling out of the box (after
> installing Linux 2.4) or must they be configured first?

IPtables can't defeat HTTP tunneling by itself, you'd need an add-on module that inspects the data being transported. Even that probably won't really help, since you're dealing with perfectly valid HTTP, which goes through ALGs as well.

> I installed Linux for the 1st time last week (SuSE 7.3) and don't
> understand if the SuSE Personal Firewall (rejects TCP unasked for TCP
> connections from outside?) eliminates the need for a hardware firewall in
> front of it? I'm not running a server of any kind, I don't need to log in
> remotely or anything like that. If I get an old 486 and run a firewall
> from a boot floppy/RAMdisk would I get any more protection?

We can't really answer that question, it depends on what you need and want. As for SuSE Personal Firewall, questions about that should probably be directed at the SuSE-Security mailing list at [EMAIL PROTECTED]

The 'SuSE Personal Firewall' uses IPtables, it'll be as secure as any other IPtables-based solution with the same set of rules. The latter is the interesting part.

> I've been searching the net about this but information about IPTables is
> rare, most people talk about ipchains instead.

Well, I've got 5000 unread mails from the netfilter mailing list in my inbox ([EMAIL PROTECTED])... (Note: netfilter is Linux 2.4's kernel packet filtering, iptables is merely the tool to configure that).

Cheers,
Tobias

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
