On 7/10/2004 at 9:08 AM, David ([EMAIL PROTECTED]) wrote:

D> Can somebody tell me how to stealth this port using Shorewall?

-------------------------
Assumptions:
You're using the default zones of loc (inside), net (outside), and fw (firewall/computer).
You want to stealth this port on your firewall to the outside world.
Using Shorewall 2.x
-------------------------

Real simple. In your /etc/shorewall/rules file, simply add this line:

DROP net fw tcp 11

Restart and you're good to go.

Some notes
-------------
DROP will "stealth" the port, but you can always use REJECT to actively refuse the connection. I personally think the security difference is negligible and it is better to use REJECT for its testing benefits (the Shorewall guys agree with me).

The Shorewall documentation is pretty good, and available at:
http://www.shorewall.net/Documentation_Index.html

Also, Mandrake has a product (called Mandrake Network Firewall), which has a VERY nice web interface to Shorewall. You can get the RPMs for free if you're running 10.0 by typing urpmi mnf. This installs a lot of other stuff though, so I would recommend only doing it on a computer that will be a dedicated firewall.

Hope that helps! Post if it worked for you or not so future archive readers can know if this was a working solution :)

______________________________
Justin Grote
Network Architect, CCNA
JWG Networks
Email: [EMAIL PROTECTED] (remove nospam-)
SMS: [EMAIL PROTECTED] (remove nospam-)
Phone: (208) 631-5440
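Added example, not part of the original message: a small check, run from a machine in the net zone against your own firewall, that shows how the DROP and REJECT policies discussed above look to a client. The function name, the 3-second timeout and the script name are assumptions made for this illustration.

```python
import socket
import sys


def classify_tcp_port(host, port, timeout=3.0):
    """Classify one TCP port as seen from the machine running this script.

    'open'     - the handshake completed, so the port is reachable
    'rejected' - the connection was actively refused (what REJECT looks like)
    'dropped'  - no answer before the timeout (what DROP looks like; a host
                 that is down or filtered upstream gives the same result)
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "rejected"
    except socket.timeout:
        return "dropped"
    finally:
        sock.close()


if __name__ == "__main__":
    # Usage: python3 portcheck.py <firewall-address> [port]
    # The port defaults to 11, the port used in the rule from the message.
    if len(sys.argv) < 2:
        sys.exit("usage: portcheck.py <firewall-address> [port]")
    target = sys.argv[1]
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 11
    print(f"{target}:{port} -> {classify_tcp_port(target, port)}")
```

With the DROP rule in place the check waits out the full timeout before reporting; with REJECT it returns immediately, which is the testing benefit mentioned in the notes.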