Re: [Cooker] msec/security was Shutdown
David Walluck wrote: Axalon Bloodstone wrote: cooker - air = not supported oxygen - air = insane air - air = even more insane What is this about? I think I'm using Air, but the oxygen mandrake-release RPM was never updated. during the first few it was every hour, then 6hrs, I'm not sure off hand if it depends on the level in the one shipped with 7.0 if it doesn't it's set for 24hrs. Do you have both crond anacron installed :/ I do have them bothh installed, I had them both running, then I switched to anacron only, because I'm not sure if they are conflicting and causing jobs to run more than they should. No, I meant your first guess. msec doesn't do any firewall things, but it would be great if it did in a future version. I have been looking for a firewall setup tool that is easy to use. If I do it by hand I always end up blocking too much. still planed (yeah yeah, i know I'm a "lazy sob"), I'll do some digging and seee if i can avoid starting from scratch, again.. (I also tend to loose things ;) There is a tool called "Lokkit: Firewall Configuration For The Rest Of Us" by Alan Cox which is not meant to "configure arbitary firewalls", but "to make it simple to understand it is solely designed to handle typical dialup user and cable modem setups." This is a newt/slang based tool, (isn't there a gnome-newt or gtk-newt frontend?), and the description sounds good, but I get some errors running it, and it doesn't allow some services that I need. -- Sincerely, David Walluck [EMAIL PROTECTED] David.. where can I get it? I would like to try it out also... TIA Sergio
Re: [Cooker] msec/security was Shutdown
Sergio Korlowsky writes: David Walluck wrote: There is a tool called "Lokkit: Firewall Configuration For The Rest Of Us" by Alan Cox which is not meant to "configure arbitary firewalls", but "to make it simple to understand it is solely designed to handle typical dialup user and cable modem setups." This is a newt/slang based tool, (isn't there a gnome-newt or gtk-newt frontend?), and the description sounds good, but I get some errors running it, and it doesn't allow some services that I need. ... David.. where can I get it? http://roadrunner.swansea.linux.org.uk/lokkit.html Cheers. -- Olivier Poulet
Re: [Cooker] msec/security was Shutdown
Hi, I've used the Firewall Design Tool for several firewalls which received excellent results from portscans. It's a set of webpages which uses questions and answers to construct a firewall script tailored to your network. http://www.linux-firewall-tools.com/linux/firewall/ -- Phil Lavigna [EMAIL PROTECTED]
Re: [Cooker] msec/security was Shutdown
Phil wrote: Hi, I've used the Firewall Design Tool for several firewalls which received excellent results from portscans. It's a set of webpages which uses questions and answers to construct a firewall script tailored to your network. http://www.linux-firewall-tools.com/linux/firewall/ -- Phil Lavigna [EMAIL PROTECTED] Its a nice script-tool I had used in the past it has one shotcomming... It assumes you have one or two eth cards, and no ppp dialup connection, that can be fixed easily, But the ppp option should be 'considered' in his java script. I am on a dedicated line, connected full time to the net, via ppp just have another pc running a dual boot pc, most used OS linux even for my kids (a 14 year and almost 18 girls!) ;-) and love it! I have been using gfcc to customize the pre-configured ppp-masquerade.rule to reflect my system addressing I would like to try out the Sinus Proyect firewall, but actually is available in tar only... and is Not easy to install and set up. just hoping a soul dares to take it and make an rpm. not judge me wrong, I like tar file and compile my own, but have had no success with Sinus. ;-( I run a web server, not sensitive information... but is always nice to be protected, and keep pests and would be hackers of your sys they are just annoying not really much to loose regarding informationn. I used port-sentry long time ago, I like to run nmap and other tools to test my system, just to be informed of weaknesses... ;-) if ANY! Sergio
Re: [Cooker] msec/security was Shutdown
Sergio Korlowsky wrote: Phil wrote: Hi, I've used the Firewall Design Tool for several firewalls which received excellent results from portscans. It's a set of webpages which uses questions and answers to construct a firewall script tailored to your network. http://www.linux-firewall-tools.com/linux/firewall/ -- Phil Lavigna [EMAIL PROTECTED] Its a nice script-tool I had used in the past it has one shotcomming... It assumes you have one or two eth cards, and no ppp dialup connection, that can be fixed easily, But the ppp option should be 'considered' in his java script. I am on a dedicated line, connected full time to the net, via ppp just have another pc running a dual boot pc, most used OS linux even for my kids (a 14 year and almost 18 girls!) ;-) and love it! I have been using gfcc to customize the pre-configured ppp-masquerade.rule to reflect my system addressing I would like to try out the Sinus Proyect firewall, but actually is available in tar only... and is Not easy to install and set up. just hoping a soul dares to take it and make an rpm. not judge me wrong, I like tar file and compile my own, but have had no success with Sinus. ;-( I run a web server, not sensitive information... but is always nice to be protected, and keep pests and would be hackers of your sys they are just annoying not really much to loose regarding informationn. I used port-sentry long time ago, I like to run nmap and other tools to test my system, just to be informed of weaknesses... ;-) if ANY! Sergio Oops... Sorry, it does support ppp now!great! Sergio
[cooker] Re: [Cooker] msec/security was Shutdown
Phil wrote: Hi, I've used the Firewall Design Tool for several firewalls which received excellent results from portscans. It's a set of webpages which uses questions and answers to construct a firewall script tailored to your network. http://www.linux-firewall-tools.com/linux/firewall/ -- Phil Lavigna [EMAIL PROTECTED] OK, what is /etc/rc.d/init.d/firewall? The script should go in /etc/ppp/ip-up.local for ppp, since we can't run the script until the device has been brought up, and bring up a ppp device on boot isnt very good :/ -- Sincerely, David Walluck [EMAIL PROTECTED]
Re: [cooker] Re: [Cooker] msec/security was Shutdown
Hi, I've used the Firewall Design Tool for several firewalls which received excellent results from portscans. It's a set of webpages which uses questions and answers to construct a firewall script tailored to your network. http://www.linux-firewall-tools.com/linux/firewall/ OK, what is /etc/rc.d/init.d/firewall? The script should go in /etc/ppp/ip-up.local for ppp, since we can't run the script until the device has been brought up, and bring up a ppp device on boot isnt very good :/ I've never used it for a dialup modem but for an ADSL connection. The script I use is /etc/rc.d/rc.firewall and it is called at the end of /etc/rc.d/rc.local. -- Phil Lavigna [EMAIL PROTECTED]
Re: [Cooker] msec/security was Shutdown
On Sun, 16 Jan 2000, David Walluck wrote: WH Bouterse wrote: David! You said, It's because of msec I believe.. may have been the SysVinit package too. find is searching for modified files which could indicate files with a trojan in them... personally i hate it, which is why i do custom... I was interested in your comment about 'find' and 'custom'. I assume you mean the /etc/security/msec/init-sh/custom.sh? I meant "/etc/security/msec/init.sh custom", which runs the custom.sh. If you choose a security leael from the GUI tool, that will undo your custom settings, but if you set it, and run custom afterwards, you will have your custom settings. cooker - air = not supported oxygen - air = insane air - air = even more insane In other words quit doing that ;) but on to the more serious, Pixel, how _does_ it handle the SECURE_LEVEL currently? As for the find, those are the "Do you want me to check for xxx files?" questions, which you have to answer no to if you don't want those checks to run constantly. Does anacron and crond conflict or can I have both running? I don't know.. all I notice is that these finds seem to run way to often (more than once a day). during the first few it was every hour, then 6hrs, I'm not sure off hand if it depends on the level in the one shipped with 7.0 if it doesn't it's set for 24hrs. Do you have both crond anacron installed :/ Or in fact do you mean by 'custom' a custom firewall/ipchains/tripwire kind of setup? I have been running a Tripwire rpm successfully with 6.1 which installed flawlessly and worked right from thestart but have not tried it with 7.0 until more "kinks" get worked out on my 7.0 system. So to any MandrakeSoft folks who might read this; Does msec make something like Tripwire redundant? no it doesn't, you can never be to secure. also keep an eye out for prelude too ;) No, I meant your first guess. msec doesn't do any firewall things, but it would be great if it did in a future version. I have been looking for a firewall setup tool that is easy to use. If I do it by hand I always end up blocking too much. still planed (yeah yeah, i know I'm a "lazy sob"), I'll do some digging and seee if i can avoid starting from scratch, again.. (I also tend to loose things ;) Thanks to All William Bouterse Juneau Alaska -- MandrakeSoft http://www.mandrakesoft.com/ --Axalon
Re: [Cooker] msec/security was Shutdown
Axalon Bloodstone [EMAIL PROTECTED] writes: In other words quit doing that ;) but on to the more serious, Pixel, how _does_ it handle the SECURE_LEVEL currently? I think it use the exported SECURE_LEVEL variable. during the first few it was every hour, then 6hrs, I'm not sure off hand if it depends on the level in the one shipped with 7.0 if it doesn't it's set for 24hrs. Do you have both crond anacron installed :/ the find operation are all day midnight, ( note that find is reniced in order to not lag your system. ) Or in fact do you mean by 'custom' a custom firewall/ipchains/tripwire kind of setup? I have been running a Tripwire rpm successfully with 6.1 which installed flawlessly and worked right from thestart but have not tried it with 7.0 until more "kinks" get worked out on my 7.0 system. So to any MandrakeSoft folks who might read this; Does msec make something like Tripwire redundant? no it doesn't, you can never be to secure. also keep an eye out for prelude too ;) Not ready again, but it'll come :-) -- -- Yoann, http://www.security-addict.org It is well known that M$ products don't call free() after a malloc(). The Unix community wish them good luck for their future developments.
Re: [Cooker] msec/security was Shutdown
Axalon Bloodstone wrote: cooker - air = not supported oxygen - air = insane air - air = even more insane What is this about? I think I'm using Air, but the oxygen mandrake-release RPM was never updated. during the first few it was every hour, then 6hrs, I'm not sure off hand if it depends on the level in the one shipped with 7.0 if it doesn't it's set for 24hrs. Do you have both crond anacron installed :/ I do have them bothh installed, I had them both running, then I switched to anacron only, because I'm not sure if they are conflicting and causing jobs to run more than they should. No, I meant your first guess. msec doesn't do any firewall things, but it would be great if it did in a future version. I have been looking for a firewall setup tool that is easy to use. If I do it by hand I always end up blocking too much. still planed (yeah yeah, i know I'm a "lazy sob"), I'll do some digging and seee if i can avoid starting from scratch, again.. (I also tend to loose things ;) There is a tool called "Lokkit: Firewall Configuration For The Rest Of Us" by Alan Cox which is not meant to "configure arbitary firewalls", but "to make it simple to understand it is solely designed to handle typical dialup user and cable modem setups." This is a newt/slang based tool, (isn't there a gnome-newt or gtk-newt frontend?), and the description sounds good, but I get some errors running it, and it doesn't allow some services that I need. -- Sincerely, David Walluck [EMAIL PROTECTED]
[Cooker] msec/security was Shutdown
David! You said, It's because of msec I believe.. may have been the SysVinit package too. find is searching for modified files which could indicate files with a trojan in them... personally i hate it, which is why i do custom... I was interested in your comment about 'find' and 'custom'. I assume you mean the /etc/security/msec/init-sh/custom.sh? I ran this but I also tried the DrakConf button security-level thingy and had assumed the 'custom.sh' would cancel it out? So to partially answer my own question, then 'find' is a result of one of the security choices either in 'custom.sh' or the the other 'msec' GUI chooser button program. Or in fact do you mean by 'custom' a custom firewall/ipchains/tripwire kind of setup? I have been running a Tripwire rpm successfully with 6.1 which installed flawlessly and worked right from thestart but have not tried it with 7.0 until more "kinks" get worked out on my 7.0 system. So to any MandrakeSoft folks who might read this; Does msec make something like Tripwire redundant? Thanks to All William Bouterse Juneau Alaska
Re: [Cooker] msec/security was Shutdown
WH Bouterse wrote: David! You said, It's because of msec I believe.. may have been the SysVinit package too. find is searching for modified files which could indicate files with a trojan in them... personally i hate it, which is why i do custom... I was interested in your comment about 'find' and 'custom'. I assume you mean the /etc/security/msec/init-sh/custom.sh? I meant "/etc/security/msec/init.sh custom", which runs the custom.sh. If you choose a security leael from the GUI tool, that will undo your custom settings, but if you set it, and run custom afterwards, you will have your custom settings. As for the find, those are the "Do you want me to check for xxx files?" questions, which you have to answer no to if you don't want those checks to run constantly. Does anacron and crond conflict or can I have both running? I don't know.. all I notice is that these finds seem to run way to often (more than once a day). Or in fact do you mean by 'custom' a custom firewall/ipchains/tripwire kind of setup? I have been running a Tripwire rpm successfully with 6.1 which installed flawlessly and worked right from thestart but have not tried it with 7.0 until more "kinks" get worked out on my 7.0 system. So to any MandrakeSoft folks who might read this; Does msec make something like Tripwire redundant? No, I meant your first guess. msec doesn't do any firewall things, but it would be great if it did in a future version. I have been looking for a firewall setup tool that is easy to use. If I do it by hand I always end up blocking too much. Thanks to All William Bouterse Juneau Alaska -- Sincerely, David Walluck [EMAIL PROTECTED]