[UFO Chicago] NAT and port filtering
Robert B. Moses
robert.moses@helioslogic.com
Tue, 28 Jan 2003 10:37:32 -0600
This isn't strictly a free OS question ... rather a TCP/IP question (and
I feel it is a "stupid" one as well..sorry)
I'm having a brain misfire on TCP/IP port filtering (as a poor man's
firewall. I know that filtering only is not a great substitute for
Stateful Packet Inspection but it will have to do.)
I need 3 boxes connected to a Netgear router doing NAT and filtering.
None of these boxes run any servers/services...they are simply client
machines that want to browse the WWW and POP off their email. Easy.
so..
1/2 my mind says "well since you don't need any inbound connections you
can drop ALL inbound traffic"
the other 1/2 says "don't be stupid, you have to allow the client
initiated requests to come back via whatever port it started at..."
I haven't done this in a while but something doesn't seem right with my
reasoning......any elucidation out there? ;-0
Would blocking/dropping inbound connections 0-1024 be sufficient?
/me grumbles about "Tea-See-Pee/Eye-Pee" mumbo jumbo
--
Robert B. Moses
1300 W. Eddy St., Unit 2
Chicago, IL 60657
773.991.0179
robert.moses@helioslogic.com
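A toy model of the two approaches the post weighs, added here as an example and not taken from the post or the list: a stateless rule set that drops inbound traffic to ports 0-1024 beside a minimal connection tracker that only admits replies to flows the LAN opened. Hosts, ports and packets are constructed (RFC 5737 documentation addresses), and NAT address rewriting is left out of the model.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    """One packet as seen by the router. Addresses are constructed
    RFC 5737 documentation values; NAT rewriting is left out of the model."""
    direction: str   # "in" = arriving from the Internet, "out" = leaving the LAN
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

def stateless_decide(pkt: Packet) -> str:
    """The post's stateless option: drop inbound to ports 0-1024, accept
    everything else so replies to client-chosen ephemeral ports get back in."""
    if pkt.direction == "out":
        return "ACCEPT"
    return "DROP" if pkt.dport <= 1024 else "ACCEPT"

class StatefulFilter:
    """Minimal connection tracking: remember flows the LAN opened and admit
    inbound packets only when they are the reverse of a remembered flow."""
    def __init__(self) -> None:
        self.flows: set[tuple] = set()

    def decide(self, pkt: Packet) -> str:
        if pkt.direction == "out":
            self.flows.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "ACCEPT"
        reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "ACCEPT" if reverse in self.flows else "DROP"

# Constructed traffic: a LAN client fetches a web page, the server answers,
# then an unrelated host sends an unsolicited packet to a high port.
TRAFFIC = [
    Packet("out", "tcp", "192.168.1.10", 40000, "198.51.100.7", 80),
    Packet("in", "tcp", "198.51.100.7", 80, "192.168.1.10", 40000),
    Packet("in", "tcp", "203.0.113.9", 51234, "192.168.1.10", 8080),
]

def compare(traffic=TRAFFIC) -> dict[str, list[str]]:
    """Run both filters over the same traffic and return their verdicts."""
    stateful = StatefulFilter()
    return {
        "stateless": [stateless_decide(p) for p in traffic],
        "stateful": [stateful.decide(p) for p in traffic],
    }

if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(f"{name:10s} {verdicts}")
```

Both filters let the web reply through, but only the connection tracker drops the unsolicited packet to port 8080; the port-range rule has to leave every high port open for replies.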