~*Mark*~ wrote:
> Dennis Myers wrote:
> >
> > Mark Weaver wrote:
> >
> > > yes, and yes.
> > >
> > > here is a link to a site where you can download a very configurable
> > > firewall great for beginners.
> > >
> > > http://www.pmfirewall.com/PMFirewall/
> > >
> > > --
> > > Mark
> > >
> > > I love my Linux Box....!
> > > REASON #1 -- ...it's not Windows!
> > > Registered Linux user #1299563
> > >
> > > On Fri, 23 Jun 2000, Vic wrote:
> > >
> > > >Is any firewall just for blocking ports or can it also
> > > >protect the needed open ones like ftp 21 www 80 and so forth?
> > > >
> >
> > I tried the mentioned firewall and once again I am feeling stupid. I
> > loaded it and immediately could not get Netscape to load . It would
> > stall with only the stop sign and the frame showing. I then
> > uninstalled and got my Netscape and mail back. I must have set a
> > closed port or deny in the wrong place. Again the documentation is
> > not set up for virtual dummies, but only for people who have alot of
> > experience either with Linux or as programmers etc. Anybody know
> > what a good set of setings would be and still allow Netscape access.
> > I keep looking for books and online documentation. Nobody writes
> > Linux for Idiots, you have to be at least a dummy. "Life is good,
> > just don't weaken" Dennis
> >
> > Registered Linux User # 180842
>
> Dennis,
>
> Don't feel too badly about it. It took me a few trys before I got the
> thing working for me. It helps of you leave port 23 (SMPT) open and port
> 80 (HTTP) that will allow you to access your mail server and the
> internet.
>
> Set everything else to be closed and deny all connections.
>
> The ranges you want to deny connections to are this:
>
> these ranges are given as pairs...IP/SUBNETMASK
>
> Set the ranges as such ----> 1.2.3.0/255.255.255.0
>
> For the range that is yourself so you can access your mail server and
> the internet your range us this: 127.0.0.1/255.255.255.0
>
> Most likely your ISP assigns you a "dynamic" IP number each time you log
> on. That's ok. Don't worry about trying to set that. You will be asked
> about this. I believe the question asks something about DHCP assigning
> an IP address. Answer "y" to this one.
>
> Keep working at cause this is one nice little firewall. My Linux box,
> after being tested by the Shields Up web site was shown to be running in
> Full on stealth mode. I'm totally cloaked and can't be seen on the
> internet. The packets come in and disappear into a "Blackhole!" Never to
> be seen or heard from again. I LOVE IT.
>
> Here's the URL for that site if you want to test your system.
> https://grc.com/x/ne.dll?bh0bkyd2
>
> Good luck and press on forward!
well, I pressed on and used most of your advice , but did not totally
understand what you were telling me. Anyway, the fire wall works and I am
partially protected. I will have to go back in and close some of the holes
I left open. I am not sure exactly how I do this. As root and open up the
package in an editor? Any way your help is invaluable and the community in
general provides a lot of support and good advice. Thanks, to everybody
who contributes.
