On Wednesday 14 July 2004 4:57 pm, Koyama Mituru wrote: > > Should all incoming ports that relate to a service such as SSH, FTP use > > -m state --state NEW? > > > > What are the security implications (if any) of not using -m state > > --state NEW? > > iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT > > I don't want other packets. That's a good security attitude. Antony. -- "Note: Windows 98, Windows 98SE and Windows 95 are not affected by [MS Blaster]. However, these products are no longer supported. Users of these products are strongly encouraged to upgrade to later versions." (which *are* affected by MS Blaster...) http://www.microsoft.com/security/security_bulletins/ms03-026.asp Please reply to the list; please don't CC me.
