
Re: IPTables default/template rule database

Subject: Re: IPTables default/template rule database
Date: Tue, 07 Nov 2006 17:07:50 +0200
Anything new about this from the last post I saw from Leif Hardison?
Overall it seems to be a good idea which I also mentioned before on some
other lists.

Thanks
Bora

Leif Hardison wrote:
Hi Serg,

Is what you are suggesting to create a repository of "recipes" that
create access control lists to handle particular events, which would
be described by the submitter or author of the recipe?

For example if Serg wanted to share his recommended set of access
control lists for his newly released application he could specify
rule(s), which would be made up of a description, a port, a protocol
and a user defined source(s) or destination(s).

A user who wanted to use Serg's suggested recipe or template could then
access the database, retrieve the information say in an XML format and
then convert it to his appropriate firewall format in this case IP
tables?

Food for thought,

Leif

On 10/16/06, quan@ies.hu <quan@ies.hu> wrote:
This is a really good idea. If we are talking about a template rules
db, we must have a view about all IDS, worm, virus (content filtering
from patch-o-matic), ...

Actually, I had created for myself, and it'd taken so much time.

I'm in.

--------
Quan


-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Serg B.
Sent: Thursday, October 12, 2006 10:44 PM
To: firewalls@securityfocus.com; LUV
Subject: IPTables default/template rule database

Hi All,

I was thinking about creating a default/template rule database for
IPTables. Something similar to rule database defined for mod_security
and regular expression library.

Probably something wiki like, where users can contribute their own
IPTables rules to the main database (as well as the documentation and
maybe a unit test utility?)

Does anyone have any feedback about this? Good idea? Useless idea?
Perhaps something like this is already out there and I missed it? Etc.


   Serg
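
An added illustration of the recipe idea discussed in this thread, not code from any list participant: a shared recipe made of a description, a port, a protocol and a source is retrieved as XML, validated field by field, and rendered as iptables commands. The XML schema, the function name `recipe_to_iptables`, its `chain` parameter and the sample rules are all assumptions constructed for this example.

```python
import ipaddress
import shlex
import xml.etree.ElementTree as ET

# Constructed sample recipe; this schema is hypothetical, not an existing format.
SAMPLE_RECIPE = """
<recipe name="example-app">
  <rule description="Allow HTTPS to the app from the office LAN"
        protocol="tcp" port="443" source="192.0.2.0/24"/>
  <rule description="Allow DNS queries from anywhere" protocol="udp" port="53"/>
</recipe>
"""

ALLOWED_PROTOCOLS = {"tcp", "udp"}


def recipe_to_iptables(xml_text, chain="INPUT"):
    """Validate every field of a shared recipe, then emit iptables commands.

    A community-contributed recipe is untrusted input, so each value is parsed
    into a strict type instead of being pasted into a command line.
    """
    commands = []
    # For recipes fetched from a public database, a hardened XML parser
    # (for example defusedxml) is the safer choice than the stdlib one.
    for rule in ET.fromstring(xml_text).iter("rule"):
        proto = rule.get("protocol", "").lower()
        if proto not in ALLOWED_PROTOCOLS:
            raise ValueError(f"unsupported protocol: {proto!r}")
        port = int(rule.get("port", ""))  # ValueError on non-numeric input
        if not 1 <= port <= 65535:
            raise ValueError(f"port out of range: {port}")
        args = ["iptables", "-A", chain, "-p", proto]
        if rule.get("source"):
            # IPv4Network rejects anything that is not an address or CIDR block
            args += ["-s", str(ipaddress.IPv4Network(rule.get("source")))]
        args += ["--dport", str(port)]
        if rule.get("description"):
            # Conservative length cap chosen for this example
            args += ["-m", "comment", "--comment", rule.get("description")[:255]]
        args += ["-j", "ACCEPT"]
        # Quote each argument so free-text fields cannot break out of the command
        commands.append(" ".join(shlex.quote(a) for a in args))
    return commands


if __name__ == "__main__":
    for line in recipe_to_iptables(SAMPLE_RECIPE):
        print(line)
```

The generated lines are meant to be reviewed before being applied; a recipe with a malformed port, protocol or source raises `ValueError` and produces no output at all.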



