Hi, Joel:

Thanks for the firewall tutorial.  I'm sure it will be useful, once 
I've digested all the information in it.  I'm grateful to you for 
taking the time to send this to me.

I have some books on TCP/IP and one which specifically covers firewalls 
and Internet security, but they are obsolete - written in the mid-90s 
when I was using TCP/IP in amateur packet radio networks.

I'm using the SuSE 7.2 Pro "personal firewall" which is 
non-configurable.  It's either enabled or disabled, and that's about 
it.  However, there's a SuSE Firewall that ships with this distro, and 
it is *very* configurable.  So I will examine that with deeper scrutiny.

I'll also check amazon.com for what books are available on-line about 
firewalls and security.

Thanks again for the advice and information.

73 de Glenn

On Tuesday 04 September 2001 18:25, you wrote:
> DENY  tcp       ----l-  0xFF 0x00  eth1  0.0.0.0/0  24.182.146.18  * -> 1:1023
> rule  protocol  log     Who knows  NIC   any ip     my ip          from any port to your ports
>
> Translation:
> Deny tcp packets, logging it, Huh??, to my eth1 from any ip on the
> planet to the ip address of the NIC of my router (which connects to
> the internet) from any port to my ports 1 to 1023.
> ip's are in dot quad format with a netmask if needed.
> 0.0.0.0 is host 0.0.0.0 but 0.0.0.0/0 is any ip.
> 127.0.0.0/24 is the local host.
> Firewalls are simple once you have the few rules figured out. Here is
> a simple rule from my firewall. It denies all requests from any host
> to my internet facing NIC to access the ports from 1 to 1023 (These
> are the privileged ports to which various services, like ftp, telnet,
> printing, and others listen for requests for services.) You likely
> didn't know that port 515 (port for printing local or network files)
> is ripe for exploitation.
>
> You are at a crucial stage. If you don't learn this simple stuff, you
> will be like those poor souls in Shakespeare, who, not catching the
> tide at its flood, will wallow in the shallows, etc., at least as far
> as security.
>
> For your own good, and for the good of your security, firewalls are
> way too important to leave to magic security scripts.
> You should know which other ports you have to protect, like 6000
> (your X server) and make sure to prevent unwanted people from
> attaching to such services. I just edit my firewall using vi. It is
> so simple that way.
> ipchains-save > file
> Edit the file
> ipchains -F; cat file | ipchains-restore -f
> Piece of cake.
> Buy a book or read about firewalls. You have been warned.
> In addition, if you want to arrange ipmasq or use nonstandard ports
> for services (Say, to disguise your web page from your ISP which bans
> such things), knowing about firewalls is essential.
> Joel
> _______________________________________________
> http://linux.nf -- [EMAIL PROTECTED]
> Archives, Subscribe, Unsubscribe, Digest, Etc
> ->http://linux.nf/mailman/listinfo/linux-users

-- 
Glenn Williams - [EMAIL PROTECTED]
Registered Linux User #135678
Powered by SuSE 7.2 Linux Professional
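
The listing line quoted in Joel's message, parsed field by field and checked against sample packets, as an added example that is not part of the original thread. It assumes the trimmed column layout shown in the message (target, protocol, option flags, two TOS mask columns, interface, source, destination, ports) rather than full `ipchains -L -v` output; the packet values are constructed.

```python
import ipaddress

# Column layout assumed from the line quoted in the thread (a trimmed
# ipchains listing): target prot opt tosa tosx ifname source destination ports
SAMPLE = "DENY  tcp  ----l- 0xFF 0x00  eth1 0.0.0.0/0  24.182.146.18 * ->  1:1023"

def parse_ports(spec):
    """'*' means any port; 'lo:hi' is an inclusive range; 'n' is one port."""
    if spec == "*":
        return (0, 65535)
    lo, _, hi = spec.partition(":")
    lo, hi = int(lo), int(hi or lo)
    if not 0 <= lo <= hi <= 65535:
        raise ValueError(f"bad port range: {spec}")
    return (lo, hi)

def parse_rule(line):
    fields = line.split()
    if len(fields) != 11 or fields[9] != "->":
        raise ValueError("unexpected column layout")
    target, proto, opt, tosa, tosx, ifname, src, dst, sport, _, dport = fields
    return {
        "target": target,
        "proto": proto,
        "log": "l" in opt,            # 'l' flag: matching packets are logged
        "tos_and": int(tosa, 16),     # TOS AND mask (0xFF keeps every bit)
        "tos_xor": int(tosx, 16),     # TOS XOR mask (0x00 flips none)
        "iface": ifname,
        "src": ipaddress.ip_network(src, strict=False),  # bare address = /32
        "dst": ipaddress.ip_network(dst, strict=False),
        "sport": parse_ports(sport),
        "dport": parse_ports(dport),
    }

def matches(rule, proto, iface, src_ip, dst_ip, sport, dport):
    """True if a packet with these header values would hit the rule."""
    return (proto == rule["proto"] and iface == rule["iface"]
            and ipaddress.ip_address(src_ip) in rule["src"]
            and ipaddress.ip_address(dst_ip) in rule["dst"]
            and rule["sport"][0] <= sport <= rule["sport"][1]
            and rule["dport"][0] <= dport <= rule["dport"][1])

if __name__ == "__main__":
    rule = parse_rule(SAMPLE)
    # Constructed packets: printer port 515 is covered, X server port 6000 is not.
    print(matches(rule, "tcp", "eth1", "198.51.100.7", "24.182.146.18", 40000, 515))
    print(matches(rule, "tcp", "eth1", "198.51.100.7", "24.182.146.18", 40000, 6000))
```

The second check returns False because the quoted rule stops at port 1023, which is why the message says ports such as 6000 need their own rule.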
