RE: "Masking" ports from IP ranges (was RE: Thanks & port 80 filterin g by IP)

Tue, 17 Oct 2000 22:21:38 -0700 

Most of the ISP's (so I understand) monitor by traffic.  You can limit this
traffic by requiring passwords, etc...  (I have a friend who does this)

> -----Original Message-----
> From: Ward William E PHDN [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, October 16, 2000 10:32 AM
> To:   '[EMAIL PROTECTED]'
> Subject:      "Masking" ports from IP ranges (was RE: Thanks & port 80
> filterin g by IP)
> 
> Dan, this got me thinking.... I realize you may not have the 
> answer, but someone here might.
> 
> Suppose someone has a High-Bandwidth connection, DSL or Cable,
> and wants to run services, such as httpd.  They also have
> an ISP who has one of the "no-services" policies.  If you
> use ipchains to block the IPs assigned to your provider,
> could you "Mask" those services from any port scanning
> software that the ISP might be using?  IOW, could you arrange
> that the only way the ISP would be able to detect the
> service was to either use a packet sniffer, or to go outside
> the native IPs of the ISP and sniff from outside the ISP?
> 
> That's a bit.... unethical, I guess...  but it seems like
> an easy way of getting around some of the restrictions
> that ISPs put on server machines.
> 
> Bill Ward
> 
> -----Original Message-----
> From: Dan Browning [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, October 14, 2000 12:24 AM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: RE: Thanks & port 80 filtering by IP
> 
> 
> Woo hoo!
> 
> Thanks again to Chad M. Stewart, he's solved my (retarded) problem!  I
> will
> write on the chalkboard three hundred times:
> 
> ipchains uses the first rules that matches
> ipchains uses the first rules that matches
> ipchains uses the first rules that matches
> ipchains uses the first rules that matches
> ipchains uses the first rules that matches
> ...
> 
> All I had to do was reverse the order of my code, like the following.  Now
> I
> have an awesome firewall.  If anyone was wondering why I would want to do
> such an allow thing, it happens to have something to do with AT&T's @Home
> cable restrictions.  (e.g. you are not allowed to run an HTTP server or
> FTP
> server).
> 
> 
> 
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to