Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: IPTables default/template rule database

from [Leif Hardison] Network Security [Permanent Link]
Subject: Re: IPTables default/template rule database
Date: Tue, 7 Nov 2006 10:25:26 -0500 
Hi Bora,

I have been playing around with some ideas at home.  Mostly everything
still is on the white board.  I'm hoping to have some additional
information to share after the New Year.  150 hours of vacation time,
need something to do =)

Feel free of course to send any additional ideas to the list and myself.

Thanks,

Leif

On 11/7/06, Bora Özden <vbozden@e-kolay.net> wrote: 
Anything new about this from the last post i saw from Leif Hardison.
Overall it seems to be a good idea which i also mentioned before on some
other lists.

Thanks
Bora

Leif Hardison wrote:
> Hi Serg,
>
> Is what you are suggesting to create a repository of "recipes" that
> create access control lists to handle particular events, which would
> be described by the submitter or author of the recipe?
>
> For example if Serg wanted to share his recommended set of access
> control lists for his newly released application he could specify
> rule(s), which would be made up of a description, a port, a protocol
> and a user defined source(s) or destination(s).
>
> A user who wanted to use Serg suggested recipe or template could then
> access the database, retrieve the information say in an XML format and
> then convert it to his appropriate firewall format in this case IP
> tables?
>
> Food for thought,
>
> Leif
>
> On 10/16/06, quan@ies.hu <quan@ies.hu> wrote:
>> This is really good idea. If we are talking about a template rules
>> db, we
>> must have a view about all IDS, worm, virus (content filtering from
>> patch-o-matic), ...
>>
>> Actually, I had created for mysefl, and it'd taken so much time.
>>
>> I'm in.
>>
>> --------
>> Quan
>>
>>
>> -----Original Message-----
>> From: listbounce@securityfocus.com
>> [mailto:listbounce@securityfocus.com] On
>> Behalf Of Serg B.
>> Sent: Thursday, October 12, 2006 10:44 PM
>> To: firewalls@securityfocus.com; LUV
>> Subject: IPTables default/template rule database
>>
>> Hi All,
>>
>> I was thinking about creating a default/template rule database for
>> IPTables. Something similar to rule database defined for mod_security
>> and regular expression library.
>>
>> Probably something wiki like, where users can contribute their own
>> IPTables rules to the main database (as well as the documentation and
>> maybe a unit test utility?)
>>
>> Does anyone have any feedback about this? Good idea? Useless idea?
>> Perhaps something like this is already out there and I missed it? Etc.
>>
>>
>>    Serg
>>
>
>



[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: DNS Manipulation via IPTables or other means?, Fabrice Barutel
Next by Date:  Re: IPTables default/template rule database, Bora Özden
Previous by Thread:  Re: IPTables default/template rule database, Bora Özden
Next by Thread:  Call for papers: ARES 2007 submission deadline approaches in 2 weeks: 19-11-2006, Manh Tho
Indexes:  [Date] [Thread] [Top] [All Lists]