[ale] What I want for Christmas - wrt IPTABLES
Jim Lynch
ale_nospam at fayettedigital.com
Wed Dec 12 09:50:38 EST 2007
Jeff Lightner wrote:
> Scary idea. Even if such a tool existed there seems a fair likelihood
> your system would be filled with Trojans by the time you'd created the
> rules.
>
> It's a pain but it is much better to be totally restrictive and figure
> out what to open as you go along than to make it wide open and figure
> out what you need to restrict.
>
> > It would even be nice to turn on a switch on iptables that
> > would log attempts to get through the firewall and also suggest how to
> > modify the configuration file, if you really wanted that to be
> > permitted.
>
Perhaps, even though on Linux harmful apps are not usually started by
default. I'd never think of using such a method on Windows.
In any case, my second suggestion would probably be less dangerous.
Robert's idea would be good too.
Jim.
More information about the Ale
mailing list