Educause Security Discussion mailing list archives
Re: IPtables versus Tcp_wrapper
From: Adam Garside <Adam.Garside () CPCC EDU>
Date: Wed, 3 Mar 2010 18:20:22 -0500
In any case, are we in agreement that given the choice of one or the other, the preferred method would be iptables as it drops packets?
Given the choice of one or the other, I would use iptables. I still believe the use of both is preferrable as tcpwrappers provides an independant layer of security in case a kernel bug allows the firewall policy to be bypassed. Also, as mentioned in a previous post, I second the use of OSSEC as a good, lightweight HIDS. Adam
Current thread:
- IPtables versus Tcp_wrapper Griese, Steven A. (Mar 03)
- <Possible follow-ups>
- Re: IPtables versus Tcp_wrapper Adam Garside (Mar 03)
- Re: IPtables versus Tcp_wrapper Josh Richard (Mar 03)
- Re: IPtables versus Tcp_wrapper Kevin Wilcox (Mar 03)
- Re: IPtables versus Tcp_wrapper Josh Richard (Mar 03)
- Re: IPtables versus Tcp_wrapper Adam Garside (Mar 03)
- Re: IPtables versus Tcp_wrapper Kevin Wilcox (Mar 04)
- Re: IPtables versus Tcp_wrapper Valdis Kletnieks (Mar 04)
- Re: IPtables versus Tcp_wrapper Josh Richard (Mar 04)
- Re: IPtables versus Tcp_wrapper Valdis Kletnieks (Mar 04)
- Re: IPtables versus Tcp_wrapper Josh Richard (Mar 04)