Re: Firewall question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2008-05-15 at 15:10 +0100, Anne Wilson wrote:
> On Thursday 15 May 2008 13:56, Patrick O'Callaghan wrote:
> > On Thu, 2008-05-15 at 12:42 +0100, Anne Wilson wrote:
> > > In another thread Tim Evans said:
> > >
> > > You can, however, configure iptables to *allow* only a specified list of
> > > IP addresses (i.e., the ones you approve of).
> > >
> > > This set me wondering.  If you use wifi hotspots to collect mail, for
> > > instance, you have no idea what IPs you will be using.  Is there any way
> > > that the system can recognise the computer rather than the IP?  I'm
> > > guessing it must be possible, as my on-line bank knows immediately if I
> > > use a computer that I haven't used before.
> >
> > You collect mail by connecting from your machine to a server, so
> > firewall rules that block *incoming* connections won't affect you.
> >
> Sorry - you lost me :-)  When I was on holiday surely I was making an incoming 
> connection to read my mail?

Incoming to the mail server. Outgoing from your laptop. We're talking
about configuring your laptop at Wifi hotspots aren't we? Or have I
totally lost the plot?

(Nota Bene: "incoming" and "outgoing" has nothing to do with the
direction the mail is flowing. The machine behind the firewall that
sends the initial TCP request is the "outgoing" machine from the point
of view of the firewall, whether it's sending mail or reading it).

> > Recognizing the computer rather than the IP is not a firewall-level
> > question (more correctly: it's not a packet-filter level question, which
> > amounts to the same thing for most people). 
> 
> I realise that - probably I chose the wrong subject line.  My thinking carried 
> on from the firewall thread.
> 
> > As others have pointed out, 
> > this is one of the things cookies are used for.
> >
> I can see that for commercial sites, though I don't see how I could use it.  
> Maybe people who work from home don't need it, as they use tunnels for 
> security.  Is that it?  If so, that's another project to read up on, for the 
> next time I'm away.  Up to now, mail access has been sufficient.

Maybe I'm misunderstanding what you're trying to do.

poc

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux