If you need a tool for filtering protocols that doesn’t depend on the port, try L7, an IPTables patch that operates through regular expressions.
Traditional firewalls decide whether to allow or reject packets based on IP addresses, TCP flags, MAC addresses, ports, and other criteria that reside in OSI layers two through four. Experienced admins can probably type commands like iptables -A FORWARD -i $IF -o $OF -p tcp --dport 80 --syn -j ACCEPT standing on their heads. But what if the web server listens on port 8500 rather than port 80? Or if a gaming server misuses this port? Peer-to-peer applications are even worse, as there is no way of predicting the ports they will use. And VoIP makes the chaos complete with Real Time Protocol (RTP), which definitely takes liberties when assigning UDP ports.
Can't make it to the 17th USENIX Security Symposium?
No Problem. Just register for the live streaming and follow the tutorials and technical sessions from your own PC. After the live transmission, you can view repeats of the talks, whenever and as often as you like.
Comments