On Wed, Jun 23, 2004 at 11:48:23AM -0500, Otto Haliburton wrote: > > NAT will only protect you from inbound new connections. It does > > absolutely nothing if you have a rampant application on your Windows box > > that opens a port to the outside world. > > > I believe that you can prevent any outgoing port from being opened to the > outside world in the router fyi, in case you haven't prevented that. Plus > if that occurs I think that the administrator needs to take swift and > decisive action. You have some control on the outbound ports on the Linksys routers but nowhere near what you can get with iptables. If you want to, for example, restrict outbound port 80 to www.microsoft.com, it's much harder to do at the Linksys level, if it's even possible. > > Personally, I use a Linksys router/firewall with some predetermined > > ports forwarded to my Linux system (none to my Windows systems) and add > > tcpwrappers to restrict which hosts are actually allowed to use that > > service. For example, ssh makes it through the firewall but tcpwrappers > > restricts the incoming connections to my office subnet. > > > if I am interpreting this correctly. Not all of your computers are behind > the linksys firewall and that is the problem!!!!! I have my systems behind the Linksys firewall but it forwards a few ports to my server. It's how mail and ssh get in and how I can serve up web pages to the outside world. -- Ed Wilts, RHCE Mounds View, MN, USA mailto:ewilts@xxxxxxxxxx Member #1, Red Hat Community Ambassador Program -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list