how to reduse false positives?
Wed, 16 Jan 2002 10:03:24 -0600 (CST)
-----BEGIN PGP SIGNED MESSAGE-----
i wondering if there is a generaly execepted way to help reduse false
positives that i feal are being caused by my nat/proxy making requests
from ports that i am droping on my iptables.
correct me if im wrong, but here is my thinking, request goes to squid
and squid grabes a random port and requests the page. i am droping several
high ports hoping to protect my winddows clients, and ocasionaly squid
makes a request from one of those ports, which is of cource not going to work
because iptables dropes the reply when it comes back.
ok, squid is not the only problem, im doing nat for some stuff on my
network, and nat apears to do the same thing.
so i guess the question is, is there some program i can run my linux box
that will make these port unavailabe to aplications somehow? or do i not
have my iptables set up corectly?
bradw at sta-care.com
PGP Fingerprint: 8B1E E12F 3982 0D54 E01C DFD3 898B 6CA3 ED6F 3E56
Arthur Dent: "What's so unpleasant about being drunk?"
Ford Prefect: "You ask a glass of water."
- - Douglas Noel Adams, 1952 - 2001
- - DNA, so long and thanks for all the books
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----