I just got pmfirewall working in my unusual circumstances, i.e. hosting
multiple domains (virtual IPs for ppp0). Before, the firewall would only work
on the static IP of the dialup, not the actual domain names.

It now works exactly as I wanted, and I have added a lot to the ruleset as
well.

I.e., apart from working on all the domains, I also watch the portsentry
emails (which are directed to my home account), and when I see a port being
scanned, if I am not using it, I add it to the rules.

So all the commonly scanned ports get denied or rejected by default.

I am starting to feel better about my security level. (still paranoid
though.)

I think one of the best things you can do is to make sure you are not using
any unencrypted ports over the net.

I.e. no pop3, no FTP, no telnet, or any others; if you ain't using it, turn it
off, and most of all, keep updated.


Just my thoughts. If anyone wants to know how I got pmfirewall working with
virtual IPs or domains, drop me a line.

regards

Frank Hauptle
----/ /  _
---/ /  (_)__  __ ____  __
--/ /__/ / _ \/ // /\ \/ /
-/____/_/_//_/\_,_/ /_/\_\
Gshop & Network Payment Solutions.
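The workflow Frank describes above (read the portsentry alerts, and deny any scanned port that the host is not actually using, on every virtual address of the ppp0 interface) as an added example, not code from the original message or from pmfirewall. The alert lines are constructed samples in portsentry's "attackalert" format, the in-use port lists and the addresses are assumptions, and the script only prints the ipchains rules so they can be reviewed before being added to the ruleset.

```sh
#!/bin/sh
# Constructed sample of portsentry "attackalert" mail lines (not real alerts).
SAMPLE_ALERTS='attackalert: Connect from host: 192.0.2.10/192.0.2.10 to TCP port: 23
attackalert: Connect from host: 192.0.2.10/192.0.2.10 to TCP port: 111
attackalert: Connect from host: 198.51.100.7/198.51.100.7 to TCP port: 22
attackalert: Connect from host: 198.51.100.7/198.51.100.7 to TCP port: 23
attackalert: Connect from host: 203.0.113.5/203.0.113.5 to UDP port: 137'

# Ports the host really serves (assumed); these are never added to the deny list.
IN_USE_TCP="22 80"
IN_USE_UDP=""

# scanned_ports PROTO -> distinct port numbers probed for PROTO, numerically sorted
scanned_ports() {
    printf '%s\n' "$SAMPLE_ALERTS" |
        sed -n "s/.* to $1 port: \([0-9]*\)\$/\1/p" | sort -n -u
}

# in_use PROTO PORT -> succeeds if PORT is in the in-use list for PROTO
in_use() {
    case "$1" in
        TCP) list=$IN_USE_TCP ;;
        UDP) list=$IN_USE_UDP ;;
        *)   return 1 ;;
    esac
    for p in $list; do [ "$p" = "$2" ] && return 0; done
    return 1
}

# deny_rules IFACE ADDR... -> one ipchains DENY rule (logged with -l) per
# scanned-but-unused port, for each destination address bound to IFACE
deny_rules() {
    iface=$1; shift
    for proto in TCP UDP; do
        for port in $(scanned_ports "$proto"); do
            in_use "$proto" "$port" && continue
            lproto=$(printf '%s' "$proto" | tr 'A-Z' 'a-z')
            for addr in "$@"; do
                echo "ipchains -A input -i $iface -p $lproto -d $addr $port -j DENY -l"
            done
        done
    done
}

# Print the rules for two assumed virtual addresses on ppp0; review, then
# append them to the ruleset pmfirewall generated.
deny_rules ppp0 192.0.2.1 192.0.2.2
```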

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Tom Brinkman
Sent: Saturday, 17 March 2001 11:29 PM
To: [EMAIL PROTECTED]
Subject: Re: [newbie] PMFirewall and IPchains


Getting back to PMfirewall leaving some ports open: I've got a
complete mental block when it comes to comprehending the ipchains rules.
I'm at even more of a total loss with the new iptables in 2.4.x kernels.
I have found that I can completely secure my box, all ports, using a
combination of PMfirewall (all default answers) to write the ipchains rules
for me, and then also starting portsentry (simple instructions for
portsentry setup are in its docs). Then going to:
http://www.sdesign.com/cgi-bin/fwtest.cgi?APPLY=Scan+Me+Now
and doing the basic scan. Besides their report, I can then read root's
mail (I have kmail set up for this) and the 'attack alert' goes on
forever. Skimming through it, SecureDesign's scanner is rejected for every port!
Almost daily while reading root's mail I see a few (prob'ly benign)
attempts to scan or connect to me, all similarly rejected.
--
Dale Earnhardt,  the greatest stock car driver ever,
 he's won his 8th and  His Greatest Championship
  Tom Brinkman       [EMAIL PROTECTED]       Galveston Bay

On Saturday 17 March 2001 08:44 am, Mark Weaver wrote:
> Dan...In some ways we're saying similar things, except as to the point
> of "what" Pmfirewall is. And it is definitely "not" a firewall, rather
> it is merely a means to get the ipchains firewall rule-set configured to
> a point where it's functional. Notice I didn't say ready for prime
> time, but functional. Enough for the user then to open the rules file
> and begin to tweak and fine tune the rule-set so that it becomes what
> you mentioned having set up after uninstalling PM. Were it not for PM I
> would have had to spend a lot more time reading the Ipchains docs and
> scratching my head to get my firewall running.
>
> Since then I've made "many" additions and modifications to the rule-set
> that is "more" the firewall itself than anything else. What I've said
> and have maintained all along is that PM is nothing more than a front
> end (of sorts...albeit a console front end and not a GUI) configuration
> utility for IPchains. And a darn good one for newbies to cut their teeth
> on and get exposed to the use of Ipchains.
>
> And, God's blessings to you on your endeavor to quit smoking. I know
> what you're going through having been there myself 7 years ago. Your
> opinions were stated just fine. I should have added that my comments
> were given "tongue-in-cheek."
>
> Mark
>
> > If PMfirewall is only going to "Filter" ports (ie: Ports # 139,
> > 443, 631, etc,..) it's not good enough. The fact that it doesn't tell
> > you this during the configuration is also misleading. And you're
> > right Mark,...It's not a Windows Program, it's a Linux/Unix program.
> > By default, it should therefore be a MUCH BETTER program !!!