OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: [suse-security] Masquerading connects very slow
From: kei (csecm-net.arbornet.org)
Date: Tue Sep 19 2000 - 08:09:36 CDT

>There's one big subject bubbling up: DNS timeouts.

I realize this is starting to get OT, but I have a similar problem I can't
resist posting. I recently set up a computer lab with several computers
sharing a connection. For security reasons, I didn't want the kids to be
able to access every web site. Actually, just a short list of
sites. Among those was hotmail.com. This is a big problem because there
are about a dozen different IPs in use by hotmail. My DNS lookups work
properly. Is there a way to dynamically alter the ipchains rules to allow
connections to/from servers that resolve to *.hotmail.com?

One more question, I'm just dropping connection attempts to doubleclick's
servers. So, the connections time out with an error message. There's a
better way. Right?

Are these questions answered in a more advanced faq
or how-to?

kei

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com