Firewall Wizards mailing list archives
Re: IPChains vs. IPTables
From: Patrick Darden <darden () armc org>
Date: Wed, 24 Jul 2002 10:50:56 -0400 (EDT)
IPTables allow content inspection (making sure port 80 traffic is web, 21 is ftp, etc.), making it a little better than a mere packet filter. Truthfully, though, with tunnelling, if you don't have tight access lists then allowing any protocol access is just as secure via packet filtering as packet inspection. Loki uses icmp; then there's ssl tunneling, ssh, and hosts of others.... -- --Patrick Darden Internetworking Manager -- 706.475.3312 darden () armc org -- Athens Regional Medical Center On Wed, 24 Jul 2002, Marc DVer wrote:
Someone suggested that I use IPTables instead of IPchains, as IPTables is more robust. Is IPTables more secure for a given set of rules? The rules for IPChains I use can be found at http://members.cavtel.net/mdver/start_firewall . This is easier than trying to explain what I am trying to accomplish. I am using RedHat 7.1 for a gateway/firewall. I am also looking for an online IPTables for Dummies reference, in case IPTables is indeed superior to IPChains. Sincerely, Marc DVer _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- IPChains vs. IPTables Marc DVer (Jul 24)
- Re: IPChains vs. IPTables Patrick Darden (Jul 24)
- Re: IPChains vs. IPTables Josh Welch (Jul 24)
- Re: IPChains vs. IPTables Volker Tanger (Jul 25)
- Re: IPChains vs. IPTables Nimesh Vakharia (Jul 29)
- Re: IPChains vs. IPTables Josh Welch (Jul 24)
- Re: IPChains vs. IPTables Patrick Darden (Jul 24)
- Re: IPChains vs. IPTables Martin A. Brown (Jul 24)
- Re: IPChains vs. IPTables firewall-wizards (Jul 24)
- Re: IPChains vs. IPTables Brian Hatch (Jul 24)