Hello, I am brand new to the list and couldn't find an easy way to browse the whole archive, so my apologies if this has been discussed (as it probably has). I understand the state concepts, however, I keep seeing example iptable scripts with the first rule in each chain being something like....ACCEPT related and established packets. My first question is...Is that really needed? In my other experiences with stateful firewalls this rule is not needed because the firewall remembers the outgoing packet and the rule is implied...or do I have this very wrong? My second question, which may not be totally applicable for this list is...I have my netfilter/iptables set up on a Redhat 4 Ent WS box...are the following parameters for hardening still useful and applicable with the current kernel and distro? net.ipv4.tcp_syncookies = 1 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.all.rp_filter = 1 net.ipv4.icmp_echo_ignore_all = 1 = 1 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.conf.all.log_martians = 1 Thanks very much for any help! Jeff Ginter, CISSP Computer Associates Mid-Atlantic Consulting Manager tel: +1 908 874-9726 cell: +1 609 577-1494 jeff.ginter@xxxxxx
