Firewall Wizards mailing list archives

Re: IPChains vs. IPTables


From: Patrick Darden <darden () armc org>
Date: Wed, 24 Jul 2002 10:50:56 -0400 (EDT)


IPTables allow content inspection (making sure port 80 traffic is web, 21
is ftp, etc.), making it a little better than a mere packet filter.  
Truthfully, though, with tunnelling, if you don't have tight access lists
then allowing any protocol access is just as secure via packet filtering
as packet inspection.  Loki uses ICMP; then there's SSL tunneling, SSH,
and hosts of others...

--
--Patrick Darden                Internetworking Manager             
--                              706.475.3312    darden () armc org
--                              Athens Regional Medical Center


On Wed, 24 Jul 2002, Marc DVer wrote:

Someone suggested that I use IPTables instead of IPchains, as IPTables is
more robust.  Is IPTables more secure for a given set of rules?

The rules for IPChains I use can be found at
http://members.cavtel.net/mdver/start_firewall .  This is easier than trying
to explain what I am trying to accomplish.

I am using RedHat 7.1 for a gateway/firewall.

I am also looking for an online IPTables for Dummies reference, in case
IPTables is indeed superior to IPChains.

Sincerely,
Marc DVer

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



