On Tuesday 11 February 2003 07:53 pm, Sean wrote:
> Thanks for your responses.
>
> After spending more time on their website, <sarcasm> I discovered their
> "Any-Firewall-Whitepaper" where it states that I actually don't have a
> problem since their technology works transparent to firewalls and
> NAT.</sarcasm>

That used to be somewhat true until stateful firewalls started being used. Before that there would have been so many problems with net-based applications while filtering high-ports that most firewalls never gave much thought to blocking this traffic under SOHO use.

> Lynn, you are correct. There are some high UDP ports, but according to
> their white-paper, these are only "outgoing" connections. Since it's a
> peer-to-peer connection, I'm not sure how both parties can have outgoing
> connections, and no incoming connections...but it's obviously some highly
> advanced technology! What's my exposure when opening those TCP and UDP
> ports? I'm VERY new to iptables, so be gentle.

Really the largest security risk in doing this is highly dependent on the application listening on these ports. You'll probably need to portfw the TCP ports at a minimum for the remote side to initiate a connection, but I may be wrong in this assumption w/o trying the application first.

--
~Lynn Avants
Linux Embedded Appliance Firewall developer
http://leaf.sourceforge.net
