Jack D. Martin Jr. wrote:
Natalio,
I appreciate the help. I would love to have some examples - they are quie
helpful to me. Thanks in advance.
Another really good resource is www.iptablesrocks.org . Same guy that
run qmailrocks.org, but info on IPTables. Easy to read,and his scripts
work rather well. I've done a nmap on my own custom written firewall
script (I'm leaving out some info, namely open ports):
Running: Linux 2.4.X|2.5.X
OS details: Linux 2.4.0 - 2.5.20, Linux 2.4.18 - 2.4.20
Uptime 6.550 days (since Wed Oct 5 18:12:54 2005)
TCP Sequence Prediction: Class=random positive increments
Difficulty=4481827 (Good luck!)
IPID Sequence Generation: All zeros
and then on a machine running the script from iptablesrocks.org (once
again, leaving out the open port info at the top):
TCP/IP fingerprint:
SInfo(V=3.70%P=i686-redhat-linux-gnu%D=10/12%Time=434CF44E%O=21%C=20)
TSeq(Class=RI%gcd=1%SI=137B64%IPID=Z%TS=1000HZ)
TSeq(Class=RI%gcd=1%SI=137B2E%IPID=Z%TS=1000HZ)
TSeq(Class=RI%gcd=1%SI=3427CB%IPID=Z%TS=1000HZ)
T1(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
T2(Resp=N)
T3(Resp=N)
T4(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=)
T5(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
T6(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=)
T7(Resp=N)
PU(Resp=N)
Uptime 6.004 days (since Thu Oct 6 07:27:25 2005)
TCP Sequence Prediction: Class=random positive increments
Difficulty=3418059 (Good luck!)
IPID Sequence Generation: All zeros
In my opinion an easy-to-use and implement firewall script.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
