On Saturday 07 July 2001 09:52 pm, Judith Miner wrote:
> DrakConf shows iptables as stopped and there is no way I can get it
> running. I have it selected to run at boot, like the other services.
> Makes no difference. iptables is always listed as stopped. If I click
> on start, nothing happens.
I believe this is normal. IOW's iptables isn't a running service all
the time, it just needs to be available. You should have these binaries
in /sbin : iptables* iptables-restore* iptables-save*
>
> >> Also go thru the docs in
>
> file:/usr/share/doc/mandrake/en/user.html/bastille.html and you'll
> see screenshots of what you should be seeing. <<
>
> That file is not on my computer. I believe it is part of mandrake-doc,
> which I have tried to install numerous times and it WILL NOT install.
Somethin's wrong with your hardware or the CD's you've got?
I did 8.0 updates immediately after installing, so maybe an update fixes
your problem (?)
> always get the "informative" error message "Installation failed."
> Nothing else. Um, WHY did it fail? C'mon, Linux, help me out here! I
> copied the file from the CD to my hard drive; sometimes that helps. Not
> this time, though. So where can I try to get another copy of this file?
You can get any file Mandrake ships with from any of the ftp mirrors.
mandrake_doc-en-8.0-2mdk provides the bastille docs
> >> medium security has little or nothing to do with being able to get
>
> thru a thoro port scan with all ports invisible/filtered. <<
>
> What does medium security have to do with, then? I'd think making ports
> invisible is pretty universal to security. If it's just internal
> network stuff,
Yes, mostly, at least as I understand it. I know that you can have
your security setting at the lowest, and still pass a port scan with a
proper firewall. Also that setting your security level to the highest,
but without a firewall, won't get you past a port scan.
I may as well not bother with it because nobody else has
> access to my computer. My only concern is Internet security. If
> Bastille won't close my ports, what will?
You have to have open ports to run your system and get on the Net.
What you don't want is for those ports to be seen or accessible by
others. (.... and that about sums up my security expertise ;) I don't
know what else to suggest. You're gonna have to get DrakConf - Security -
Firewalling functioning to setup a firewall. I suppose you could script a
firewall manually if you were a iptables guru (but I'm not). Try su'ing
to root in a terminal and running DrakConf that way. Might work, or at
least spit out some error messages. You are using a 2.4.x kernel with
iptables, right?
--
Tom Brinkman [EMAIL PROTECTED] Galveston Bay
