> -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list- > bounces@xxxxxxxxxx] On Behalf Of Ed Wilts > Sent: Wednesday, June 23, 2004 12:21 PM > To: General Red Hat Linux discussion list > Subject: Re: Router/Firewall Recommendation > > On Wed, Jun 23, 2004 at 11:48:23AM -0500, Otto Haliburton wrote: > > > NAT will only protect you from inbound new connections. It does > > > absolutely nothing if you have a rampant application on your Windows > box > > > that opens a port to the outside world. > > > > > I believe that you can prevent any outgoing port from being opened to > the > > outside world in the router fyi, in case you haven't prevented that. > Plus > > if that occurs I think that the administrator needs to take swift and > > decisive action. > > You have some control on the outbound ports on the Linksys routers but > nowhere near what you can get with iptables. If you want to, for > example, restrict outbound port 80 to www.microsoft.com, it's much > harder to do at the Linksys level, if it's even possible. I maybe wrong but this sort of thing has all ways been accomplished with a proxy server, but I don't know. I've never ever had a need to do this so I guess to each his own. > > > > Personally, I use a Linksys router/firewall with some predetermined > > > ports forwarded to my Linux system (none to my Windows systems) and > add > > > tcpwrappers to restrict which hosts are actually allowed to use that > > > service. For example, ssh makes it through the firewall but > tcpwrappers > > > restricts the incoming connections to my office subnet. > > > > > if I am interpreting this correctly. Not all of your computers are > behind > > the linksys firewall and that is the problem!!!!! > > I have my systems behind the Linksys firewall but it forwards a few > ports to my server. It's how mail and ssh get in and how I can serve up > web pages to the outside world. > > -- > Ed Wilts, RHCE > Mounds View, MN, USA > mailto:ewilts@xxxxxxxxxx > Member #1, Red Hat Community Ambassador Program > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
