Thanks, that makes sense... Now how about the ! -y option for TCP? It
just makes sure the Ack flag is set on incoming TCP, right? How will
this affect things?
What about UDP?
The firewall is masquerading my access to the net, so if someone were to
run an exploit against the firewall's TCP or UDP ports they would get
nowhere, right?
-----Original Message-----
From: Wil Cooley [ mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 20, 2001 5:10 PM
To: Scott H
Cc: [EMAIL PROTECTED]
Subject: Re: Chains question
Thus spake Scott H:
> In many IPchains scripts I see ports above 1024 set to accept in-bound
> traffic on TCP and UDP. There is usually a comment to the effect of
> ports above 1024 are fair game. Could someone explain why this is
> considered to be ok? In my case I am using a Linux firewall for my home
> network.
You need to allow ports above 1024 to be connected to if you're going
to be running any clients on the firewall, like SSH. What happens is
that a client requests a randomly-assigned high port that forms the
local end of the connection.
Wil
--
W. Reilly Cooley [EMAIL PROTECTED]
Naked Ape Consulting http://nakedape.cc
LNXS: Get 0.2.0-devel at http://sourceforge.net/projects/lnxs/
irc.openprojects.net #lnxs
"The only way for a reporter to look at a politician is down."
-- H.L. Mencken
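Added example (not part of the thread above, and not code from either poster): a small model of what a stateless ipchains filter can and cannot tell about an inbound packet to a port above 1024. ipchains has no connection tracking, so the only hint that a packet arriving at a high port is the return half of a connection a local client opened (Wil's point) rather than a fresh connection attempt is the TCP flag bits: a connection is opened with SYN set and ACK clear, which is what ipchains' -y matches, so ! -y matches everything else. UDP carries no such flags, so the same trick is unavailable there. The port cut-off (1024), the default DENY for ports below it, the sample packets, and the two filter functions are constructed for illustration; the flag bit values are the real TCP header bits.

```python
"""Model of the 'ports above 1024 are fair game' rule in a stateless filter,
with and without ipchains' -y (SYN-only) test.  Illustrative code, not ipchains."""
from dataclasses import dataclass

EPHEMERAL_LOW = 1024   # assumed cut-off: clients pick local ports at or above this

# Real TCP header flag bits.
FIN = 0x01
SYN = 0x02
ACK = 0x10


@dataclass(frozen=True)
class Packet:
    proto: str       # "tcp" or "udp"
    dport: int       # destination port on the firewall
    flags: int = 0   # TCP flag bits; meaningless for UDP


def is_syn_only(pkt: Packet) -> bool:
    """What ipchains -y matches: SYN set, ACK and FIN clear (a connection opener)."""
    return (pkt.proto == "tcp"
            and bool(pkt.flags & SYN)
            and not (pkt.flags & (ACK | FIN)))


def filter_without_y(pkt: Packet) -> str:
    """'High ports are fair game' with no flag check (assumed DENY below 1024)."""
    return "ACCEPT" if pkt.dport >= EPHEMERAL_LOW else "DENY"


def filter_with_y(pkt: Packet) -> str:
    """Same rule, but TCP high ports accept only packets matching '! -y'.

    A bare SYN to a high port is a new inbound connection attempt and is
    dropped; a SYN/ACK or ACK (a reply to something a local client started)
    still gets through.  UDP has no flags, so it is unchanged.
    """
    if pkt.dport < EPHEMERAL_LOW:
        return "DENY"
    if is_syn_only(pkt):
        return "DENY"
    return "ACCEPT"


# Constructed sample traffic arriving at the firewall's external interface.
SAMPLES = {
    "ssh reply to local ephemeral port": Packet("tcp", 34567, SYN | ACK),
    "new connection to X11 on 6000":     Packet("tcp", 6000, SYN),
    "ack to low port 22":                Packet("tcp", 22, ACK),
    "unsolicited udp to 31337":          Packet("udp", 31337),
}


def compare_filters(samples=SAMPLES) -> dict:
    """Return {description: (verdict without -y, verdict with ! -y)}."""
    return {name: (filter_without_y(p), filter_with_y(p)) for name, p in samples.items()}


if __name__ == "__main__":
    for name, (plain, with_y) in compare_filters().items():
        print(f"{name:40s} no flag check: {plain:6s}  with ! -y: {with_y}")
```

The table the script prints makes the two points in one place: adding ! -y turns a high-port rule that lets anyone open a connection to, say, port 6000 into one that only lets replies through, while the UDP row is identical in both columns because there is nothing in a UDP header for a stateless filter to key on.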