On Wednesday 20 November 2002 09:45 am, Mark Weaver wrote: > >Jack and Melissa McSwain wrote: >> > > BTW has anyone noticed a dramatic increase in hack attempts in the last 2 > > to 3 weeks? Port scans show all the ports are stealth, and I have no > > servers running or installed, but they still manage to find the box. > > Win98 with norton personal firewall seems to be a little more stealth. > > Also Shorewall is set to drop instead of reject packets.
On Tuesday 19 November 2002 12:29 pm, Mark Weaver wrote: > > What adjustments to shorewall did you make? > I started with the example scripts from the shorewall homepage, /etc/shorewall/common.def was either missing or empty on stock install there are 9 ip-tables rules in it for various things. In interfaces I added norfc1918,routefilter,noping,routefilter,dropunclean,logunclean I didnt have any of these before. The file rfc1918 was not present before (came from examples on shorewall) In Shorewall.conf I turned off IP forwarding, turned on route filtering, turned off forward ping, and NEWNOTSYN=NO
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com