On Wednesday 29 May 2002 11:30 am, Rishi L Khan wrote: > I looked into shorewall. It doesn't support ipchains, but seawall does. > Would you suggest updating to iptables or using seawall? > > Do you think that Linux 2.4.x is stable yet? If so, which version? >
The kernel overall I believe is considered stable, I've been using 2.4.18 for sometime now and have had no major problems with it. .17 gave me usb horror but was fixed in 18. The only bug I'd watch for would be the NAT bug found by "cartel-securite.fr" using a patch to nmap which reviels internal ip information. According to their advisory 2.4.4 -> 2.4.19pre6 are vulnerable. > I believe that ipchains can do the job and that linux 2.2.20 is stable. I > don't have experience in 2.4.x kernels yet, but am willing to look into > it if people think that it's as stable as 2.2.20. > > Are there any security issues with the currentversion of ipchains that is > addressed with iptables (I don't mean iptables features like stateful > packet filtering -- I mean security vulnerabilities) > I've stuck with ipchains myself, but for no significant reason other than being lazy =). > -rishi > > On Wed, 29 May 2002, Sami Dalouche wrote: > > > Howabout installing shorewall? (www.shorewall.net) the best iptables > > > > script i have ever seen. > > > > It's not only the best iptables script you've ever seen, but it's also a > > nice high-level configuration tool for everything > > concerning firewalling.. Traffic Shaping, IPSec... > > > > Sam -- ----------------------- Orlando Padilla [EMAIL PROTECTED] "I only drink to make other people interesting" www.g0thead.com/xbud.asc ----------------------- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]