[Leaplist] will this work with IPCop
John Simpson
jms1 at jms1.net
Wed Jan 9 18:43:52 GMT 2008
On 2008-01-09, at 0034, Mr. Brunkow wrote:
> John Simpson wrote:
>> On 2008-01-08, at 1116, Mr. Brunkow wrote:
>>>
>>> http://shimmer.sourceforge.net/
>>
>> probably... however the blacklist that "shimmerd" creates, might
>> interact with the iptables rules set up by ipcop.
>>
>> and of course you'll have to build an instance of the same LFS that
>> ipcop is using, compile the program chroot()ed within that image,
>> and manually install the binaries on the ipcop machine.
>>
>
> so better to run it on the local machine both as server and client
> if you use it to get in and out via ssh instead of run it directly
> on the IPCop.
are you thinking about using this to protect ssh'ing into the ipcop
itself, or to protect ssh'ing into a machine behind the ipcop?
there's a world of difference. i thought you were trying to protect
port 222 on the ipcop itself.
if you're trying to use this on a machine BEHIND the ipcop, you would
have to set up a port-forwarding instruction for that entire range of
port numbers- which means those port numbers won't be usable by NAT or
any outbound connections from the firewall itself... it's possible,
but it seems like a waste of port numbers to me.
----------------------------------------------------------------
| John M. Simpson --- KG4ZOW --- Programmer At Large |
| http://www.jms1.net/ <jms1 at jms1.net> |
----------------------------------------------------------------
| http://video.google.com/videoplay?docid=-1656880303867390173 |
----------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://lists.leap-cf.org/pipermail/leaplist/attachments/20080109/15db7bf4/PGP.bin
More information about the Leaplist
mailing list