Jack Coates wrote:
I know the shorewall question can be resolved, but as KevinO points out
it shouldn't be resolved by someone who's not fully aware of the issues
at stake.

In the last five days I've gotten nearly a thousand denied attempts to
relay spam mail through my server clogging up my logs right now in
chunks of thirty messages per server, mostly coming from home Windows
boxes on cable and DSL networks. This is clearly a worm, and the few
boxes that I've bothered to nmap all have IIS on them and ports 137-139
wide open to the world, allowing anonymous SMB browsing. Since the worm
only sends 30 messages at a time, it will probably go unnoticed for
months or years because it isn't going to have a big effect on bandwidth
or CPU -- the only way these ditzes are ever going to know that they are
hosting a spam worm is if someone gets annoyed enough to track them down
and slap them upside their pointy little heads.

When you don't secure your home box with nothing important on it, there
is a chance that your neighbor's snot-nosed brat will go delete your
files that you don't care about. However, the odds are much higher that
the snot-nosed brat will use your box to download and serve up porn and
warez that are illegal to possess in your state, and in the current USA
climate this is likely to earn you a visit from the Feds. When uncapping
your cable modem can earn you this
(http://slashdot.org/article.pl?sid=02/11/22/013226&mode=nested&tid=123)
do you want to find out what they do when you're mirroring kiddie porn
and copies of .Net Server? An even higher probability exists that your
box will be nailed by a worm and turned into a zombie node for the next
big DoS or spam flood attack.

So, if you're not able to figure out how to get shorewall to do what you
need to do (and it is not an easy package), try removing it and working
with one of the others, like MonMotha, and if you can't get that to do
what you want then for goodness sake go spend $100 on a commercial
firewall appliance. My mail logs will thank you for it.

Jack

Damn! Jack!!

All right...I give...I'll uninstall Bastille and give shorewall another try. Geez! You make a good argument and scare the hell out of a person.

Mark