NetFilter

Re: RELATED connections and the feeling of security

To: netfilter@lists.netfilter.org
Subject: Re: RELATED connections and the feeling of security
From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>
Date: Fri, 13 Apr 2007 23:52:16 +0200
In-reply-to: <461FDF35.7010901@rtij.nl>
Organization: Plouf !
References: <200704131202.27971.Hugo.Mildenberger@t-online.de> <1176463828.9361.14.camel@anduril.intranet.cartel-securite.net> <200704131457.59976.Hugo.Mildenberger@t-online.de> <461FC3C1.1090906@plouf.fr.eu.org> <461FDF35.7010901@rtij.nl>
Martijn Lievaart wrote:

>>> should the ftp-conntrack helper expose arbitrary ports on the originating host?
>>
>> Yes it should, for the following two reasons:
>> 1) The host explicitly asked for it over the FTP control connection.
>> 2) The firewall administrator allowed it by loading the FTP conntrack module.
>
> No, not arbitrary ports. The port asked for in the port command should be opened (and it is).

I took "arbitrary" as "arbitrarily chosen by the host".
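
Added example, not part of the original message and not the netfilter helper's own code: a minimal Python model of the point discussed above, where a PORT command seen on the control connection yields exactly one expected (address, port) pair and nothing else counts as related. The function names, the sample addresses, and the policy of rejecting a PORT address that differs from the control connection's source are assumptions of this example.

```python
import ipaddress
import re

# RFC 959 syntax: PORT h1,h2,h3,h4,p1,p2 (six decimal byte values).
PORT_RE = re.compile(
    r"PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?:\r\n)?",
    re.IGNORECASE,
)


def expectation_for(line, control_src):
    """Return the single (ip, port) a data connection is expected on, or None.

    control_src is the client address seen on the FTP control connection.
    """
    m = PORT_RE.fullmatch(line)
    if m is None:
        return None
    fields = [int(x) for x in m.groups()]
    if any(f > 255 for f in fields):
        return None  # not valid byte values
    ip = ipaddress.IPv4Address(bytes(fields[:4]))
    port = fields[4] * 256 + fields[5]
    # Assumed policy: the host may only ask for a port on itself.
    if ip != ipaddress.IPv4Address(control_src):
        return None
    if port == 0:
        return None
    return (str(ip), port)


def is_related(expectation, dst_ip, dst_port):
    """Only the exact address and port that were asked for match."""
    return expectation is not None and expectation == (dst_ip, dst_port)


if __name__ == "__main__":
    # Constructed sample lines; 192.0.2.0/24 is a documentation range.
    client = "192.0.2.10"
    for sample in ("PORT 192,0,2,10,195,80\r\n",   # own address, port 50000
                   "PORT 192,0,2,99,195,80\r\n",   # some other host
                   "PORT 192,0,2,10,0,0\r\n"):     # port 0
        print(repr(sample), "->", expectation_for(sample, client))
```

The port is "arbitrarily chosen by the host" in the sense that any value of p1,p2 is accepted, but the resulting expectation covers only that one port on that one address.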

