Ok, so what are some good ways to convert PMFirewall rules to IPChains?
I'm running IPChains now, with the rules set up by PMFirewall (added
a rule to close port 1024 which PMFirewall left open). But how do I
make it close (as opposed to filter) ports? Also, any specific
unnecessary ports PMF leaves open that I should close with IPChains?
-Paul R
Tom Brinkman wrote:
> Getting back to PMfirewall leaving some ports open: I've got a
> complete mental block when it comes to comprehending the ipchains rules.
> I'm at even more of a total loss with the new iptables in 2.4.x kernels.
> I have found that I can completely secure my box, all ports, using a
> combination of PMfirewall (all default answers) to write the ipchains rules
> for me, and then also starting portsentry (simple instructions for
> portsentry setup are in its docs). Then going to:
> http://www.sdesign.com/cgi-bin/fwtest.cgi?APPLY=Scan+Me+Now
> and doing the basic scan. Besides their report, I can then read root's
> mail (I have kmail set up for this) and the 'attack alert' goes on for
> ever. Skimming thru it, SecureDesign's scanner is rejected for every port!
> Almost daily while reading root's mail I see a few (prob'ly benign)
> attempts to scan or connect to me, all similarly rejected.