On Saturday 17 March 2001 05:49 pm, Paul R wrote:
> Ok, so what are some good ways to convert PMFirewall rules to IPChains?
PMfirewall is nothing more than a script you run, answer some
straightforward questions, and then it writes ipchains rules according to
the answers you give. ...or maybe I don't understand your question?
> I'm running IPChains now, with the rules set up by PMFirewall (added
> a rule to close port 1024 which PMFirewall left open). But how do I
> make it close (as opposed to filter) ports? Also, any specific
> unnecessary ports PMF leaves open that I should close with IPChains?
I believe this is what portsentry does. Type 'whereis portsentry' in
a terminal, to see if it's already installed. Many Mandrake installs
include it. 'locate portsentry' will show you where the docs are.
--
Dale Earnhardt, the greatest stock car driver ever,
he's won his 8th and His Greatest Championship
Tom Brinkman [EMAIL PROTECTED] Galveston Bay
> Tom Brinkman wrote:
> > Getting back to PMfirewall leaving some ports open: I've got a
> > complete mental block when it comes to comprehending the ipchains
> > rules. I'm at even more of a total loss with the new iptables in 2.4.x
> > kernels. I have found that I can completely secure my box, all ports,
> > using a combination of PMfirewall (all default answers) to write the
> > ipchains rules for me, and then also starting portsentry (simple
> > instructions for portsentry setup are in its docs). Then going to:
> > http://www.sdesign.com/cgi-bin/fwtest.cgi?APPLY=Scan+Me+Now
> > and doing the basic scan. Besides their report, I can then read
> > root's mail (I have kmail set up for this) and the 'attack alert' goes
> > on forever. Skimming thru it, SecureDesign's scanner is rejected for
> > every port! Almost daily while reading root's mail I see a few
> > (prob'ly benign) attempts to scan or connect to me, all similarly
> > rejected.