-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 06 August 2004 09:08:09, Paul Smith wrote: <whack> > > > > Absolutely and without question Yes. Just a matter of the right Rules > > used for NetFilter. > > Thanks, Charlie. I wish I knew what rules I should set on... and I have > already consulted Firestarter's site. The results of the test on my > computer at www.grc.com are below. > > Paul > I don't think I'll be much help with Firestarter Paul. I only tried it once and I believe that was 2 or more years ago. I just add the rules I want to /etc/shorewall/Rules and modify whatever else needs to be done in zones and so on then as super user; shorewall restart && service network start and I'm away.
The difference between "Stealthed" and closed is almost as much semantics as real. Closed is Blocked is "Go Away!" Interactive to the point of mildly rude. Stealth is No Such Address, No Such Zone, "Are you in the right city or on the right planet?" as in rude to the point of the passing port scanner being logged on the inside but totally ignored from outward appearance. Does that make things a little more clear? You are secure, you just want to be more-so and I understand that. If you want to learn about Firestarter you should read "The Rules." http://firestarter.sourceforge.net/manual/rules.php The Stealth section is almost at the bottom of the page. Just take a deep breath and try to figure what it is that you want to do here, OK. You'll be fine. That restart above is just because I have shorewall start at boot but not the network. Not the first time, I don't usually allow new installs or upgrades to connect to any network until things are tuned to my liking. Just personal preference. From being bitten once or twice. (-; Regards; Charlie - -- Edmonton,AB,Canada User #244963 at http://counter.li.org Mandrakelinux release 10.1 (Beta 1) for i586 kernel 2.6.8-0.rc2.2mdk 09:12:12 up 22:05, 2 users, load average: 1.08, 1.10, 1.09 Swahili, n.: The language used by the National Enquirer to print their retractions. -- Johnny Hart -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBE6TBZqvqlrLPr5YRAipzAJ4x+Aq6mLQ/zIGvymetHCUuNDo8EQCfYdmf Ibq8ZYbcczpoBpX5QiAIlx8= =iE2R -----END PGP SIGNATURE-----
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
