Greg Stewart wrote:
> 
> The writer(s) of portsentry assume you may need telnet and ftp and leave
> those ports off the list lest you lock yourself out of your own machine.
> 
> If you are using ipchains or a script which writes ipchains for (ie:
> pmfirewall, www.pointman.org) you can also configure the ipchains rules to
> drop connections at kernel level.
> 
> In my opinion, and I'm sure there are others who would agree,
> running portsentry on its own can give you a false sense of security. There
> are other ways to tighten your connected box and several apps/modules can be
> used in tandem.
> 
> Just in case you do not know already, pmfirewall is an easy script which
> writes the ipchains rules for packet filtering and masquerading at kernel
> level. All packets that are bound for ports in the rules are checked, and if
> they fail to conform to protocol rules they are dropped or rejected.
> pmfirewall default rules can be modified to make a much tighter rule set, as
> well. Examples are given in the pmfirewall.rules.local file which you
> can use to add your own rules.
> 
> If you have any questions...just ask.
> 
> --Greg

I turned off telnet and ftp.  I use ssh to login remotely, and
scp to transfer files.  So I don't much give a darn if telnet and
ftp work. :-)

I will look into ipchains, although I have managed to piss people
off multiple times when I have played with the port filtering on
our DSL router (Netopia something-or-another), so it makes me
kind of gun shy you could say. :-)

But I suppose you have to learn sometime.

Dan
