Hi Steve, have a look here - http://l7-filter.sourceforge.net/
Simply put, "iptables does not distinguish between traffic at the application layer" - NOT TRUE!! Please, please, please - XP with SP2 a software firewall??!! Check this out for the definition of an oxymoron... http://teenwriting.about.com/library/glossary/bldef-oxymoron.htm ...sorry Iain I beat you this time :-) Regards Conrad ----- Original Message ----- From: Steve Camilleri To: [email protected] Sent: Tuesday, March 22, 2005 4:21 PM Subject: [LINUX.ORG.MT] iptables Hi all, I may not be up to scratch but I've been reading that an IPtables firewall is classified as a "hardware firewall" and has a severe disadvantage in that it does not distinguish traffic on the application level, and this could lead to malicious traffic from within. How true is this? For example one inadvertently downloads a trojan by mail on allowed port 25. This program can then access the net via port 25 or 80 etc.. and spread itself etc.. Is it possible to make iptables restrict which applications can use a specified port? XP with SP2 (a "software firewall") can do this so I'm sure that there must be a way around with linux... and with hype about products like this http://www.checkpoint.com/products/interspect/index.html ...are they really needed?? Bil Malti, if my company needs to implement a good security system for 50+ PCs, can we feel safe-ish with a dual NIC Linux box in front, with a good set of iptables rules? Is this better/worse than a dedicated firewall/router box (tipo Linksys VPN firewall etc..)?? Thanks guys Steve ------------------------------------------------------------------------------ Express yourself instantly with MSN Messenger! MSN Messenger Download today it's FREE! ------------------------------------------------------------------------------ _______________________________________________ MLUG-list mailing list [email protected] http://mailserv.megabyte.net/mailman/listinfo/mlug-list

