Hello Technoslick,

Monday, June 16, 2003, 12:00:42 PM, you wrote:

T> No, thankfully. It just has to be an executable that shows itself
T> in calling for services through ports that need to be opened.

Are you certain that it actually knows that the exact app is running on the original computer? This might be just port triggering in which ANY app on *THAT* computer will trigger the port to open, with returned packets routed to that IP. (The router remembers the IP address, NOT the app running). It might be that the app name is just there to help the reader remember which app is using which ports that are being triggered.

You could check this by having two apps that use the same port. Place one app name in the router table, but run the other app on the same machine, and see if it opens the port anyway.

BTW, port triggering does not need H.323 to work, and would work with the Linux box, for any app, just as well.

Dynamic port triggering is certainly better than static port opening. I am comforted by having the fw first check the md5 signature of the designated app - if it's OK, then open the port for that app only.

T> Exactly. If you have ICQ (continuing the example) run at different
T> times over the network by different clients, you would need to go
T> into DMZ just to keep up with the requests. If you do that, it
T> can't be a firewall anymore.

T> To provide software firewalls on each client that would do this as
T> needed, you still would have to put the router's firewall into DMZ or
T> nothing gets through the firewall barrier to the Web.

Not necessarily. A stateful inspection firewall can provide protection without needing to create a DMZ. I run an SI firewall, with app-aware fw's on each computer. The SI firewall does not need a DMZ (at least for this purpose). The app-aware fw's allow ONLY a specified app for the designated port(s), and will deny the same port(s) to any other app.

T> Gnomemeeting is supposed to be a NetMeeting clone/client. It's got
T> to be as much a security issue in Linux as in the Windows
T> environment.

If it needs all those ports, then yes, it would be a big risk. If you need to leave that many ports open, why bother with a firewall? :-)

-- 
Thank you,
rikona
mailto:[EMAIL PROTECTED]
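The two-app check proposed in the message above, as an added Python model that is not part of the original mail or of any router's firmware: it contrasts a port-triggering table keyed by LAN IP with a host firewall keyed by executable digest. The class names, ports 4000/4001, the 60-second timeout and the sample bytes are constructed assumptions, and SHA-256 stands in for the md5 signature the mail mentions.

```python
import hashlib
import hmac

def digest(exe_bytes):
    # SHA-256 stands in for the md5 signature mentioned in the mail.
    return hashlib.sha256(exe_bytes).hexdigest()

class TriggerRouter:
    """Port-triggering router model: state is keyed by LAN IP, never by program."""
    def __init__(self, rules, ttl=60):
        self.rules = rules      # label -> (trigger_port, inbound_port); label is cosmetic
        self.ttl = ttl          # seconds an opened port stays mapped (assumed value)
        self.opened = {}        # inbound_port -> (lan_ip, expiry_time)

    def outbound(self, lan_ip, dst_port, now):
        # The router sees only addresses and ports of the outgoing packet.
        for trigger, inbound in self.rules.values():
            if dst_port == trigger:
                self.opened[inbound] = (lan_ip, now + self.ttl)

    def inbound(self, port, now):
        """Return the LAN IP an inbound packet is forwarded to, or None if dropped."""
        lan_ip, expiry = self.opened.get(port, (None, 0))
        return lan_ip if now < expiry else None

class AppAwareFirewall:
    """Host firewall model: a port is usable only by the executable whose digest matches."""
    def __init__(self):
        self.allowed = {}       # port -> digest of the designated executable

    def allow(self, port, exe_bytes):
        self.allowed[port] = digest(exe_bytes)

    def permits(self, port, exe_bytes):
        expected = self.allowed.get(port)
        return expected is not None and hmac.compare_digest(expected, digest(exe_bytes))

def two_app_check():
    # Constructed stand-ins for two programs that use the same ports.
    named_app, other_app = b"app listed in the router table", b"different app, same ports"
    router = TriggerRouter({"named-app": (4000, 4001)})
    host_fw = AppAwareFirewall()
    host_fw.allow(4000, named_app)
    router.outbound("192.168.1.10", 4000, now=0)   # sent by other_app; router cannot tell
    return {
        "router_forwards_to": router.inbound(4001, now=10),
        "router_after_ttl": router.inbound(4001, now=61),
        "router_untriggered_port": router.inbound(4002, now=10),
        "host_fw_named_app": host_fw.permits(4000, named_app),
        "host_fw_other_app": host_fw.permits(4000, other_app),
    }

if __name__ == "__main__":
    print(two_app_check())
```

In this model the router forwards the inbound port to the triggering IP even though the unlisted program sent the trigger, while the host firewall refuses the same port to any executable whose digest does not match.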