Hi there, I am interested to know what your opinions are regarding the role of firewalls, in particular linux iptables, have in protecting XMPP servers, such as OpenFire and or XMPP clients.
Some basic firewall rules would be based on opening TCP/UDP ports for c2s and s2s. However, what other roles in your opinion can iptables play? As with any server, be it XMPP, HTTP, SMTP and so forth, iptables can play a role in rate limiting and anti-bogon spoofing attempts. Is there any XMPP specific threats that a firewall such as iptables could prevent? That is, are their xmpp features that require firewall protection and/or xmpp features that provide security but require a firewall to provide defense indepth? The literature regarding XMPP access control tends to be focused only on the XMPP server capabilities. For example, JID blacklisting. Linux iptbales, while it may be able to also filter the JID user name possibly using the U32 module, iptables is best suited at the IP, TCP layers. It does provide support for some L7-filtering. L7-filtering provides a way to write filters to prevent malware signatures. Perhaps the firewall (iptables) could be used in conjunction to XMPP server malware filtering? regards, Paddy.
