Re: [Shorewall-users] Need help and advised

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Ermm.. well the application server is the critical database server.. at thi=
s
time.. i need the fast solutions which mean using shorewall.. and on next
stage.. i will figure out .. and perhaps using vpn... for now i found
shorewall drop and shorewall allow. can the shorewall allow a certain ports=
?
which mean allow port 3079.. e.g allow from 189.23.23.12 with 3079 port?

On 1/31/06, Cristian Rodriguez <jud...@sh...> wrote:
>
> Amir Haris Ahmad wrote:
>
> > application server open port number 3079 the server ip is 202.188.0.132=
.
> and
> > now the port can be accessed from everywhere. Now i want to block all
> the
> > everywhere accessed. But my problem is, the application will be accesse=
d
> by
> > few locations that doing transaction with the application server. and
> the
> > said locations are using dynamic ip address. My question:
> >
> > - How can i implement the rules that block everything but at the same
> time
> > allow the locations that using dynamic ip?..
> >
>
> No, use a PROPER AUTH mechanism , with proper encrypition (TLS/SSL) and
> you will be OK.
>
> however, you can allow traffic to only the needed port ,from the whole
> subnet the allowed clients are using (with a proper auth system of
> course).
>
>
> but if your goal is not get cracked by " the bad guys outside" by
> protecting yourself banning countries, cities or whatever ugly
> thing.stay away.. it gives you a false sense of security.
>
>
>
>
>
>
>
>
>
>
>