Personal firewall
Hi, Group: I am running SuSE 7.2 Pro on an Intell P3 @ 450MHz w/ 128M memory. My DSL ethernet card is an Intel eePro 10/100. DSL is working just dandy, thank you very much. I set up the Personal Firewall a while ago and now I'm wondering how I can tell if it's working. I edited the appropriate file a la the configuration manual, to enable it. It is non-configurable; it's either on or off. A look at /var/log/boot.msg yielded the following line: Starting personal-firewall (initial) [active]done However, the word "active" is grayed or dimmed. Anyone see anything similar in their lash-up? TIA Regards, Glenn -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Monday 03 September 2001 11:06 am, Glenn Williams wrote: > Hi, Group: > > I am running SuSE 7.2 Pro on an Intell P3 @ 450MHz w/ 128M memory. > My DSL ethernet card is an Intel eePro 10/100. DSL is working just > dandy, thank you very much. > > I set up the Personal Firewall a while ago and now I'm wondering how I > can tell if it's working. I edited the appropriate file a la the > configuration manual, to enable it. It is non-configurable; it's > either on or off. A look at /var/log/boot.msg yielded the following > line: > > Starting personal-firewall (initial) [active]done > > However, the word "active" is grayed or dimmed. > > Anyone see anything similar in their lash-up? > > TIA > go to: www.vulnerabilities.org and request an nmap scan. I would not use the nessus scan until you find out more. It will flood you with information. > Regards, > > Glenn -- ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/03/01 23:32 + ++ "It's not hard to meet expenses, they're everywhere." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
> I set up the Personal Firewall a while ago and now I'm wondering how I > can tell if it's working. I edited the appropriate file a la the > configuration manual, to enable it. It is non-configurable; it's > either on or off. A look at /var/log/boot.msg yielded the following Is this ipchains? If so, there are ways to look at it to tell if it is working. ipchains -L -vn | less for example. Do it in an xterm with font set to medium. Joel ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Hi, Bruce: Thanks for the info. I went to 'vulnerabilities' web site and initiated a scan of my ISP, not knowing what else to use for a host address to be scanned. It returned the following result: == 66.55.21.94 From: Unprivileged user <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Starting nmap V. 2.54BETA7 ( www.insecure.org/nmap/ ) Skipping host (66.55.21.94) due to host timeout Nmap run completed -- 1 IP address (1 host up) scanned in 75 seconds Nmap scan provided by www.vulnerabilities.org == As you can see, the host server timed out during the scan. I'm not sure what would be a better host address to use. Mayube I should try SuSE's web site. Below are the results of scanning SuSE's site == Starting nmap V. 2.54BETA7 ( www.insecure.org/nmap/ ) Skipping host (66.55.21.94) due to host timeout Nmap run completed -- 1 IP address (1 host up) scanned in 75 seconds Nmap scan provided by www.vulnerabilities.org == I'm not smart enough to evaluate the results. Thanks for your help. Regards, Glenn On Monday 03 September 2001 21:33, you wrote: > On Monday 03 September 2001 11:06 am, Glenn Williams wrote: > > Hi, Group: > > > > I am running SuSE 7.2 Pro on an Intell P3 @ 450MHz w/ 128M memory. > > My DSL ethernet card is an Intel eePro 10/100. DSL is working just > > dandy, thank you very much. > > > > I set up the Personal Firewall a while ago and now I'm wondering > > how I can tell if it's working. I edited the appropriate file a la > > the configuration manual, to enable it. It is non-configurable; > > it's either on or off. A look at /var/log/boot.msg yielded the > > following line: > > > > Starting personal-firewall (initial) [active]done > > > > However, the word "active" is grayed or dimmed. > > > > Anyone see anything similar in their lash-up? > > > > TIA > > go to: www.vulnerabilities.org and request an nmap scan. > > I would not use the nessus scan until you find out more. It will > flood you with information. > > > Regards, > > > > Glenn -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Hi, Joel: I followed your suggestion, and the results are meaningless to me; the output gave a list of sources and destinations, and the IP addresses were all 0.0.0.0s. Port 53 figured prominently in the output also, if that has any significance. I am nearly 8 years away from my amateur packet radio experience with TCP/IP and I have forgotten what little I knew. I am grateful for your reply. Regards, Glenn On Monday 03 September 2001 22:45, you wrote: > > I set up the Personal Firewall a while ago and now I'm wondering > > how I can tell if it's working. I edited the appropriate file a la > > the configuration manual, to enable it. It is non-configurable; > > it's either on or off. A look at /var/log/boot.msg yielded the > > following > > Is this ipchains? If so, there are ways to look at it to tell if it > is working. > ipchains -L -vn | less for example. Do it in an xterm with font set > to medium. > Joel > > > ___ > http://linux.nf -- [EMAIL PROTECTED] > Archives, Subscribe, Unsubscribe, Digest, Etc > ->http://linux.nf/mailman/listinfo/linux-users -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Monday 03 September 2001 07:38 am, Glenn Williams wrote: > Hi, Bruce: > > Thanks for the info. I went to 'vulnerabilities' web site and > initiated a scan of my ISP, not knowing what else to use for a host > address to be scanned. It returned the following result: You would want to put in your own IP number as determined by the use of the ifconfig command. However, my scan too timed out. Don't know what their problem is. Next choice would be to get someone else to run the scan for you.I'd be glad to do it if we can coordinate. You'd have to send me your IP address via email and I'd run the scan. -- ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/04/01 08:31 + ++ Roger's Law: "As soon as the stewardesss serves the coffee, the airliner encounters turbulence. Davis's explanation: Serving coffee on an airliner causes turbulence." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Hi, Bruce: I appreciate the offer. However, my ISP uses a DHCP server, so I dunno how we could do that using my IP address. Cann one use the current dynamic address for that purpose? Regards, Glenn On Tuesday 04 September 2001 06:34, you wrote: > On Monday 03 September 2001 07:38 am, Glenn Williams wrote: > > Hi, Bruce: > > > > Thanks for the info. I went to 'vulnerabilities' web site and > > initiated a scan of my ISP, not knowing what else to use for a host > > address to be scanned. It returned the following result: > > You would want to put in your own IP number as determined by the use > of the ifconfig command. > > However, my scan too timed out. Don't know what their problem is. > > Next choice would be to get someone else to run the scan for you. > I'd be glad to do it if we can coordinate. You'd have to send me > your IP address via email and I'd run the scan. -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
RE: Personal firewall
You can use your current IP address for the purpose of being scanned. Regards, Wil McGilvery Manager, Digital Media Lynch Technologies Inc. 416-744-7191 1-888-622-3729 416-744-0406 FAX www.lynchdigital.com -Original Message- From: Glenn Williams [mailto:[EMAIL PROTECTED]] Sent: Monday, September 03, 2001 10:33 AM To: [EMAIL PROTECTED] Subject: Re: Personal firewall Hi, Bruce: I appreciate the offer. However, my ISP uses a DHCP server, so I dunno how we could do that using my IP address. Cann one use the current dynamic address for that purpose? Regards, Glenn On Tuesday 04 September 2001 06:34, you wrote: > On Monday 03 September 2001 07:38 am, Glenn Williams wrote: > > Hi, Bruce: > > > > Thanks for the info. I went to 'vulnerabilities' web site and > > initiated a scan of my ISP, not knowing what else to use for a host > > address to be scanned. It returned the following result: > > You would want to put in your own IP number as determined by the use > of the ifconfig command. > > However, my scan too timed out. Don't know what their problem is. > > Next choice would be to get someone else to run the scan for you. > I'd be glad to do it if we can coordinate. You'd have to send me > your IP address via email and I'd run the scan. -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Monday 03 September 2001 10:32 am, Glenn Williams wrote: > Hi, Bruce: > > I appreciate the offer. However, my ISP uses a DHCP server, so I dunno > how we could do that using my IP address. Cann one use the current > dynamic address for that purpose? Yes... you would: 1) Connect up and stay connected. 2) Do an ifconfig to find your current IP address. 3) Send me email with same. 4) I run the scan. ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/04/01 11:56 + ++ "Whenever I think of the past, it brings back so many memories..." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Hi, Wil: Thanks for the info. Regards, Glenn On Tuesday 04 September 2001 08:48, you wrote: > You can use your current IP address for the purpose of being scanned. > > Regards, > > Wil McGilvery > Manager, Digital Media > > > Lynch Technologies Inc. > 416-744-7191 > 1-888-622-3729 > 416-744-0406 FAX > www.lynchdigital.com > > > > > > > > > -Original Message- > From: Glenn Williams [mailto:[EMAIL PROTECTED]] > Sent: Monday, September 03, 2001 10:33 AM > To: [EMAIL PROTECTED] > Subject: Re: Personal firewall > > Hi, Bruce: > > I appreciate the offer. However, my ISP uses a DHCP server, so I > dunno how we could do that using my IP address. Cann one use the > current dynamic address for that purpose? > > Regards, > > Glenn > > On Tuesday 04 September 2001 06:34, you wrote: > > On Monday 03 September 2001 07:38 am, Glenn Williams wrote: > > > Hi, Bruce: > > > > > > Thanks for the info. I went to 'vulnerabilities' web site and > > > initiated a scan of my ISP, not knowing what else to use for a > > > host address to be scanned. It returned the following result: > > > > You would want to put in your own IP number as determined by the > > use of the ifconfig command. > > > > However, my scan too timed out. Don't know what their problem is. > > > > Next choice would be to get someone else to run the scan for you. > > I'd be glad to do it if we can coordinate. You'd have to send me > > your IP address via email and I'd run the scan. -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Hi, Bruce: Busy morning - later getting back to you. Here's the output of 'ifconfig' (long form): eth0 Link encap:Ethernet HWaddr 00:03:47:95:E1:B5 inet addr:10.0.0.2 Bcast:10.0.0.255 Mask:255.255.255.0 ^^^ inet6 addr: fe80::203:47ff:fe95:e1b5/10 Scope:Link inet6 addr: fe80::3:4795:e1b5/10 Scope:Link UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1 RX packets:72619 errors:0 dropped:0 overruns:0 frame:0 TX packets:8775 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:9553606 (9.1 Mb) TX bytes:1018790 (994.9 Kb) Interrupt:10 Base address:0xf000 Thanks. Regards, Glenn On Tuesday 04 September 2001 09:56, you wrote: > On Monday 03 September 2001 10:32 am, Glenn Williams wrote: > > Hi, Bruce: > > > > I appreciate the offer. However, my ISP uses a DHCP server, so I > > dunno how we could do that using my IP address. Cann one use the > > current dynamic address for that purpose? > > Yes... you would: > > 1) Connect up and stay connected. > > 2) Do an ifconfig to find your current IP address. > > 3) Send me email with same. > > 4) I run the scan. > > > > + >+ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI > 09/04/01 11:56 + > + >+ "Whenever I think of the past, it brings back so many > memories..." ___ > http://linux.nf -- [EMAIL PROTECTED] > Archives, Subscribe, Unsubscribe, Digest, Etc > ->http://linux.nf/mailman/listinfo/linux-users -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Tuesday 04 September 2001 01:42 pm, Glenn Williams wrote: > Hi, Bruce: > > Busy morning - later getting back to you. Here's the output of > 'ifconfig' (long form): > Well yes, but don't you dial up on the phone?? I would need the ppp0 part of the ifconfig output. The 10.0.0.2 address must be your local LAN address. > > > eth0 Link encap:Ethernet HWaddr 00:03:47:95:E1:B5 > > inet addr:10.0.0.2 Bcast:10.0.0.255 Mask:255.255.255.0 > ^^^ > inet6 addr: fe80::203:47ff:fe95:e1b5/10 Scope:Link > inet6 addr: fe80::3:4795:e1b5/10 Scope:Link > UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1 > RX packets:72619 errors:0 dropped:0 overruns:0 frame:0 > TX packets:8775 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:100 > RX bytes:9553606 (9.1 Mb) TX bytes:1018790 (994.9 Kb) > Interrupt:10 Base address:0xf000 > > Thanks. > > Regards, > > Glenn > > On Tuesday 04 September 2001 09:56, you wrote: > > On Monday 03 September 2001 10:32 am, Glenn Williams wrote: > > > Hi, Bruce: > > > > > > I appreciate the offer. However, my ISP uses a DHCP server, so I > > > dunno how we could do that using my IP address. Cann one use the > > > current dynamic address for that purpose? > > > > Yes... you would: > > > > 1) Connect up and stay connected. > > > > 2) Do an ifconfig to find your current IP address. > > > > 3) Send me email with same. > > > > 4) I run the scan. > > > > > > > > + > >+ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI > > 09/04/01 11:56 + > > + > >+ "Whenever I think of the past, it brings back so many > > memories..." ___ > > http://linux.nf -- [EMAIL PROTECTED] > > Archives, Subscribe, Unsubscribe, Digest, Etc > > ->http://linux.nf/mailman/listinfo/linux-users -- ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/04/01 14:02 + ++ "There's no traffic jam on the extra mile." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Bruce: Sorry - I guess I neglected to mention - as of last Thursday I am on DSL - hot all the time. No dial-up or dial-on-demand. Anything else I should furnish? Regards, Glenn On Tuesday 04 September 2001 12:03, you wrote: > On Tuesday 04 September 2001 01:42 pm, Glenn Williams wrote: > > Hi, Bruce: > > > > Busy morning - later getting back to you. Here's the output of > > 'ifconfig' (long form): > > Well yes, but don't you dial up on the phone?? I would need the > ppp0 part of the ifconfig output. The 10.0.0.2 address must be > your local LAN address. > > > eth0 Link encap:Ethernet HWaddr 00:03:47:95:E1:B5 > > > > inet addr:10.0.0.2 Bcast:10.0.0.255 Mask:255.255.255.0 > > ^^^ > > inet6 addr: fe80::203:47ff:fe95:e1b5/10 Scope:Link > > inet6 addr: fe80::3:4795:e1b5/10 Scope:Link > > UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1 > > RX packets:72619 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:8775 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:100 > > RX bytes:9553606 (9.1 Mb) TX bytes:1018790 (994.9 Kb) > > Interrupt:10 Base address:0xf000 > > > > Thanks. > > > > Regards, > > > > Glenn > > > > On Tuesday 04 September 2001 09:56, you wrote: > > > On Monday 03 September 2001 10:32 am, Glenn Williams wrote: > > > > Hi, Bruce: > > > > > > > > I appreciate the offer. However, my ISP uses a DHCP server, so > > > > I dunno how we could do that using my IP address. Cann one use > > > > the current dynamic address for that purpose? > > > > > > Yes... you would: > > > > > > 1) Connect up and stay connected. > > > > > > 2) Do an ifconfig to find your current IP address. > > > > > > 3) Send me email with same. > > > > > > 4) I run the scan. > > > > > > > > > > > > + > > > + + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, > > > MI 09/04/01 11:56 + > > > + > > > + "Whenever I think of the past, it brings back so > > > many memories..." ___ > > > http://linux.nf -- [EMAIL PROTECTED] > > > Archives, Subscribe, Unsubscribe, Digest, Etc > > > ->http://linux.nf/mailman/listinfo/linux-users -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Tuesday 04 September 2001 02:58 pm, Glenn Williams wrote: > Bruce: > > Sorry - I guess I neglected to mention - as of last Thursday I am on > DSL - hot all the time. No dial-up or dial-on-demand. > Well, I think then that the ISP has you on a local network. I am pretty sure that 10.0.0.x is one of those 'non-routable' addresses and therefore your box can't be accessed. Maybe someone else can give us a clue. > Anything else I should furnish? > > Regards, > > Glenn > > On Tuesday 04 September 2001 12:03, you wrote: > > On Tuesday 04 September 2001 01:42 pm, Glenn Williams wrote: > > > Hi, Bruce: > > > > > > Busy morning - later getting back to you. Here's the output of > > > 'ifconfig' (long form): > > > > Well yes, but don't you dial up on the phone?? I would need the > > ppp0 part of the ifconfig output. The 10.0.0.2 address must be > > your local LAN address. > > > > > eth0 Link encap:Ethernet HWaddr 00:03:47:95:E1:B5 > > > > > > inet addr:10.0.0.2 Bcast:10.0.0.255 Mask:255.255.255.0 > > > ^^^ > > > inet6 addr: fe80::203:47ff:fe95:e1b5/10 Scope:Link > > > inet6 addr: fe80::3:4795:e1b5/10 Scope:Link > > > UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1 > > > RX packets:72619 errors:0 dropped:0 overruns:0 frame:0 > > > TX packets:8775 errors:0 dropped:0 overruns:0 carrier:0 > > > collisions:0 txqueuelen:100 > > > RX bytes:9553606 (9.1 Mb) TX bytes:1018790 (994.9 Kb) > > > Interrupt:10 Base address:0xf000 > > > > > > Thanks. > > > > > > Regards, > > > > > > Glenn > > > > > > On Tuesday 04 September 2001 09:56, you wrote: > > > > On Monday 03 September 2001 10:32 am, Glenn Williams wrote: > > > > > Hi, Bruce: > > > > > > > > > > I appreciate the offer. However, my ISP uses a DHCP server, so > > > > > I dunno how we could do that using my IP address. Cann one use > > > > > the current dynamic address for that purpose? > > > > > > > > Yes... you would: > > > > > > > > 1) Connect up and stay connected. > > > > > > > > 2) Do an ifconfig to find your current IP address. > > > > > > > > 3) Send me email with same. > > > > > > > > 4) I run the scan. > > > > > > > > > > > > > > > > + > > > > + + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, > > > > MI 09/04/01 11:56 + > > > > + > > > > + "Whenever I think of the past, it brings back so > > > > many memories..." ___ > > > > http://linux.nf -- [EMAIL PROTECTED] > > > > Archives, Subscribe, Unsubscribe, Digest, Etc > > > > ->http://linux.nf/mailman/listinfo/linux-users -- ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/04/01 15:06 + ++ "I'm just working here till a good fast-food job opens up." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
The IP you gave for eth0 is definately an internal network address, not accessible from the outside world. Did your DSL provider give/sell you a router? Many DSL routers are capable of providing DHCP services for an internal network. You could always go to GRC.com, https://grc.com/x/ne.dll?bh0bkyd2, and do a "Sheilds-Up" scan. It's not the most thorough scan in the world, but it'll tell you your external IP address, at the least. HTH, Tim Glenn Williams wrote: > Bruce: > > Sorry - I guess I neglected to mention - as of last Thursday I am on > DSL - hot all the time. No dial-up or dial-on-demand. > > Anything else I should furnish? > > Regards, > > Glenn > > > On Tuesday 04 September 2001 12:03, you wrote: > >>On Tuesday 04 September 2001 01:42 pm, Glenn Williams wrote: >> >>>Hi, Bruce: >>> >>>Busy morning - later getting back to you. Here's the output of >>>'ifconfig' (long form): >>> >>Well yes, but don't you dial up on the phone?? I would need the >>ppp0 part of the ifconfig output. The 10.0.0.2 address must be >>your local LAN address. >> >> >>>eth0 Link encap:Ethernet HWaddr 00:03:47:95:E1:B5 >>> >>> inet addr:10.0.0.2 Bcast:10.0.0.255 Mask:255.255.255.0 >>> ^^^ >>> inet6 addr: fe80::203:47ff:fe95:e1b5/10 Scope:Link >>> inet6 addr: fe80::3:4795:e1b5/10 Scope:Link >>> UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1 >>> RX packets:72619 errors:0 dropped:0 overruns:0 frame:0 >>> TX packets:8775 errors:0 dropped:0 overruns:0 carrier:0 >>> collisions:0 txqueuelen:100 >>> RX bytes:9553606 (9.1 Mb) TX bytes:1018790 (994.9 Kb) >>> Interrupt:10 Base address:0xf000 >>> >>>Thanks. >>> >>>Regards, >>> >>>Glenn >>> >>>On Tuesday 04 September 2001 09:56, you wrote: >>> On Monday 03 September 2001 10:32 am, Glenn Williams wrote: >Hi, Bruce: > >I appreciate the offer. However, my ISP uses a DHCP server, so >I dunno how we could do that using my IP address. Cann one use >the current dynamic address for that purpose? > Yes... you would: 1) Connect up and stay connected. 2) Do an ifconfig to find your current IP address. 3) Send me email with same. 4) I run the scan. + + + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/04/01 11:56 + + + "Whenever I think of the past, it brings back so many memories..." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users > ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Tuesday 04 September 2001 03:25 pm, Tim Wunder wrote: > The IP you gave for eth0 is definately an internal network address, not > accessible from the outside world. Did your DSL provider give/sell you a > router? Many DSL routers are capable of providing DHCP services for an > internal network. > > You could always go to GRC.com, https://grc.com/x/ne.dll?bh0bkyd2, and do a > "Sheilds-Up" scan. It's not the most thorough scan in the world, but it'll > tell you your external IP address, at the least. > > HTH, > Tim > > Glenn Williams wrote: > > Bruce: > > > > Sorry - I guess I neglected to mention - as of last Thursday I am on > > DSL - hot all the time. No dial-up or dial-on-demand. > > > > Anything else I should furnish? Hey Glenn: I assume you have only one nic card in your machine What is the output of your 'route' command? The problem is to find out what your IP address is on the far side of whatever box you have connected to eth0 You might also try:traceroute and see whether we can determine anything from that. > > > > Regards, > > > > Glenn > > > > On Tuesday 04 September 2001 12:03, you wrote: > >>On Tuesday 04 September 2001 01:42 pm, Glenn Williams wrote: > >>>Hi, Bruce: > >>> > >>>Busy morning - later getting back to you. Here's the output of > >>>'ifconfig' (long form): > >> > >>Well yes, but don't you dial up on the phone?? I would need the > >>ppp0 part of the ifconfig output. The 10.0.0.2 address must be > >>your local LAN address. > >> > >>>eth0 Link encap:Ethernet HWaddr 00:03:47:95:E1:B5 > >>> > >>> inet addr:10.0.0.2 Bcast:10.0.0.255 Mask:255.255.255.0 > >>> ^^^ > >>> inet6 addr: fe80::203:47ff:fe95:e1b5/10 Scope:Link > >>> inet6 addr: fe80::3:4795:e1b5/10 Scope:Link > >>> UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1 > >>> RX packets:72619 errors:0 dropped:0 overruns:0 frame:0 > >>> TX packets:8775 errors:0 dropped:0 overruns:0 carrier:0 > >>> collisions:0 txqueuelen:100 > >>> RX bytes:9553606 (9.1 Mb) TX bytes:1018790 (994.9 Kb) > >>> Interrupt:10 Base address:0xf000 > >>> > >>>Thanks. > >>> > >>>Regards, > >>> > >>>Glenn > >>> > >>>On Tuesday 04 September 2001 09:56, you wrote: > On Monday 03 September 2001 10:32 am, Glenn Williams wrote: > >Hi, Bruce: > > > >I appreciate the offer. However, my ISP uses a DHCP server, so > >I dunno how we could do that using my IP address. Cann one use > >the current dynamic address for that purpose? > > Yes... you would: > > 1) Connect up and stay connected. > > 2) Do an ifconfig to find your current IP address. > > 3) Send me email with same. > > 4) I run the scan. > > > > + > + + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, > MI 09/04/01 11:56 + > + > + "Whenever I think of the past, it brings back so > many memories..." ___ > http://linux.nf -- [EMAIL PROTECTED] > Archives, Subscribe, Unsubscribe, Digest, Etc > ->http://linux.nf/mailman/listinfo/linux-users > > ___ > http://linux.nf -- [EMAIL PROTECTED] > Archives, Subscribe, Unsubscribe, Digest, Etc > ->http://linux.nf/mailman/listinfo/linux-users -- ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/04/01 15:30 + ++ "How can you tell when a programmer is lying? His lawyer's lips move." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Bruce and Tim: Thanks for your help and comments. More info follows, below: On Tuesday 04 September 2001 13:32, you wrote: [snip] > Hey Glenn: > > I assume you have only one nic card in your machine > > What is the output of your 'route' command? > > The problem is to find out what your IP address is on the far side of > whatever box you have connected to eth0 > > You might also try:traceroute and see whether we > can determine anything from that. Bruce: The 'route' command yields a *totally* blank routing table. 'Traceroute' gives: traceroute to www.cybermesa.com (209.12.73.3), 30 hops max, 40 byte packets 1 10.0.0.1 (10.0.0.1) 2 ms 1 ms 1 ms 2 66.55.21.1 (66.55.21.1) 51 ms 56 ms 56 ms 3 www.cybermesa.com (209.12.73.3) 56 ms 54 ms 56 ms FYI: I rebooted into windoze and downloaded IP Agent (IP_Agent.exe) from grc.com and ran it from windoze. It said that addresses such as mine (10.0.0.2 - current dynamic address) are recyclable, and "unreachable from the external public Internet, and thus secure against typical threats and discovery from passing Internet scanners." Regards, Glenn -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Tuesday 04 September 2001 04:43 am, Glenn Williams wrote: > Bruce and Tim: > > Thanks for your help and comments. More info follows, below: > > On Tuesday 04 September 2001 13:32, you wrote: > > [snip] > > > Hey Glenn: > > > > I assume you have only one nic card in your machine > > > > What is the output of your 'route' command? > > > > The problem is to find out what your IP address is on the far side of > > whatever box you have connected to eth0 > > > > You might also try:traceroute and see whether we > > can determine anything from that. > > Bruce: > > The 'route' command yields a *totally* blank routing table. > 'Traceroute' gives: > > traceroute to www.cybermesa.com (209.12.73.3), 30 hops max, 40 byte > packets > 1 10.0.0.1 (10.0.0.1) 2 ms 1 ms 1 ms > 2 66.55.21.1 (66.55.21.1) 51 ms 56 ms 56 ms > 3 www.cybermesa.com (209.12.73.3) 56 ms 54 ms 56 ms > > FYI: I rebooted into windoze and downloaded IP Agent (IP_Agent.exe) > from grc.com and ran it from windoze. It said that addresses such as > mine (10.0.0.2 - current dynamic address) are recyclable, and > "unreachable from the external public Internet, and thus secure against > typical threats and discovery from passing Internet scanners." > > Regards, > > Glenn -- ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/04/01 18:47 + ++ " Ever stop to think, and forget to start again?" ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Tuesday 04 September 2001 04:43 am, Glenn Williams wrote: > Bruce and Tim: > > Thanks for your help and comments. More info follows, below: > > On Tuesday 04 September 2001 13:32, you wrote: > Try this sometime: 1) Send me an email that you are about to: 2) telnet bmarsh.com I can then match up the email time with the time that I find someone knocking on my door.. Just for grins ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/04/01 18:48 + ++ "In theory, there is no difference between theory and practice," "but in practice... there is no similarity between theory and practice." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Tuesday 04 September 2001 16:49, you wrote: > Try this sometime: > > > 1) Send me an email that you are about to: > > 2) telnet bmarsh.com > > I can then match up the email time with the time that I find someone > knocking on my door.. > > Just for grins Okay, Bruce: Here goes... I don't know what to expect, so I'll just 'wing it.' It is 5:42 MDT. -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Tuesday 04 September 2001 07:44 am, Glenn Williams wrote: > Here goes... I don't know what to expect, so I'll just 'wing it.' > It is 5:42 MDT. MDT?? MDT??oh sure, make it really tough on me...:o) -- ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/04/01 20:12 + ++ "The average woman would rather have beauty than brains, because the average man can see better than he can think." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
DENY tcp l- 0xFF 0x00 eth1 0.0.0.0/0 24.182.146.18 * -> 1:1023 rule protocol log Who knows NIC any ip my ip from any port to your ports Translation: Deny tcp packets, logging it, Huh??, to my eth1 from any ip on the planet to the ip address of the NIC of my router (which connects to the internet) from any port to my ports 1 to 1023. ip's are in dot quad format with a netmask if needed. 0.0.0.0. is host 0.0.0.0 but 0.0.0.0/0 is any ip. 127.0.0.0/24 is the local host. Firewalls are simple once you have the few rules figured out. Here is a simple rule from my firewall. It denies all requests from any host to my internet facing NIC to access the ports from 1 to 1023 (These are the privileged ports to which various services, like ftp, telnet, printing, and others listen for requests for services. You likely didn't know that port 515 (port for printing local or network files) is ripe for exploitation. You are at a crucial stage. If you don't learn this simple stuff, you will be like those poor souls in Shakespeare, who, not catching the tide at its flood, will wallow in the shallows, etc., at least as far as security. For your own good, and for the good of your security, firewalls are way too important to leave to magic security scripts. You should know which other ports you have to protect, like 6000 (your X server) and make sure to prevent unwanted people from attaching to such services. I just edit my firewall using vi. It is so simple that way. ipchains-save > file Edit the file ipchains -F; cat file | ipchains-restore -f Piece of cake. Buy a book or read about firewalls. You have been warned. In addition, if you want to arrange ipmasq or use nonstandard ports for services (Say, to disguise your web page from your ISP which bans such things), knowing about firewalls is essential. Joel ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
RE: Personal firewall
What is your gateway address? Also, This may be a bit cheesy, but what is the IP address that is shown when you have your have your shields tested at www.grc.com? Regards, Wil McGilvery Manager, Digital Media Lynch Technologies Inc. 416-744-7191 1-888-622-3729 416-744-0406 FAX www.lynchdigital.com -Original Message- From: Bruce Marshall [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 04, 2001 3:08 PM To: [EMAIL PROTECTED] Subject: Re: Personal firewall On Tuesday 04 September 2001 02:58 pm, Glenn Williams wrote: > Bruce: > > Sorry - I guess I neglected to mention - as of last Thursday I am on > DSL - hot all the time. No dial-up or dial-on-demand. > Well, I think then that the ISP has you on a local network. I am pretty sure that 10.0.0.x is one of those 'non-routable' addresses and therefore your box can't be accessed. Maybe someone else can give us a clue. > Anything else I should furnish? > > Regards, > > Glenn > > On Tuesday 04 September 2001 12:03, you wrote: > > On Tuesday 04 September 2001 01:42 pm, Glenn Williams wrote: > > > Hi, Bruce: > > > > > > Busy morning - later getting back to you. Here's the output of > > > 'ifconfig' (long form): > > > > Well yes, but don't you dial up on the phone?? I would need the > > ppp0 part of the ifconfig output. The 10.0.0.2 address must be > > your local LAN address. > > > > > eth0 Link encap:Ethernet HWaddr 00:03:47:95:E1:B5 > > > > > > inet addr:10.0.0.2 Bcast:10.0.0.255 Mask:255.255.255.0 > > > ^^^ > > > inet6 addr: fe80::203:47ff:fe95:e1b5/10 Scope:Link > > > inet6 addr: fe80::3:4795:e1b5/10 Scope:Link > > > UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1 > > > RX packets:72619 errors:0 dropped:0 overruns:0 frame:0 > > > TX packets:8775 errors:0 dropped:0 overruns:0 carrier:0 > > > collisions:0 txqueuelen:100 > > > RX bytes:9553606 (9.1 Mb) TX bytes:1018790 (994.9 Kb) > > > Interrupt:10 Base address:0xf000 > > > > > > Thanks. > > > > > > Regards, > > > > > > Glenn > > > > > > On Tuesday 04 September 2001 09:56, you wrote: > > > > On Monday 03 September 2001 10:32 am, Glenn Williams wrote: > > > > > Hi, Bruce: > > > > > > > > > > I appreciate the offer. However, my ISP uses a DHCP server, so > > > > > I dunno how we could do that using my IP address. Cann one use > > > > > the current dynamic address for that purpose? > > > > > > > > Yes... you would: > > > > > > > > 1) Connect up and stay connected. > > > > > > > > 2) Do an ifconfig to find your current IP address. > > > > > > > > 3) Send me email with same. > > > > > > > > 4) I run the scan. > > > > > > > > > > > > > > > > + > > > > + + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, > > > > MI 09/04/01 11:56 + > > > > + > > > > + "Whenever I think of the past, it brings back so > > > > many memories..." ___ > > > > http://linux.nf -- [EMAIL PROTECTED] > > > > Archives, Subscribe, Unsubscribe, Digest, Etc > > > > ->http://linux.nf/mailman/listinfo/linux-users -- ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/04/01 15:06 + ++ "I'm just working here till a good fast-food job opens up." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Hi, Joel: Thanks for the firewall tutorial. I'm sure it will be useful, once I've digested all the information in it. I'm grateful to you for taking the time to send this to me. I have some books on TCP/IP and one which specifically covers firewalls and Internet security, but they are obsolete - written in the mid-90s when I was using TCP/IP in amateur packet radio networks. I'm using the SuSE 7.2 Pro "personal firewall" which is non-configurable. It's either enabled or disabled, and that's about it. However, there's a SuSE Firewall that ships with this distro, and it is *very* configurable. So I will examine that with deeper scrutiny. I'll also check amazon.com for what books are available on-line about firewalls and security. Thanks again for the advice and information. 73 de Glenn On Tuesday 04 September 2001 18:25, you wrote: > DENY tcp l- 0xFF 0x00 eth1 0.0.0.0/0 24.182.146.18 * -> > 1:1023 rule protocol log Who knows NIC any ip my ip from any > port to your ports > > Translation: > Deny tcp packets, logging it, Huh??, to my eth1 from any ip on the > planet to the ip address of the NIC of my router (which connects to > the internet) from any port to my ports 1 to 1023. > ip's are in dot quad format with a netmask if needed. > 0.0.0.0. is host 0.0.0.0 but 0.0.0.0/0 is any ip. > 127.0.0.0/24 is the local host. > Firewalls are simple once you have the few rules figured out. Here is > a simple rule from my firewall. It denies all requests from any host > to my internet facing NIC to access the ports from 1 to 1023 (These > are the privileged ports to which various services, like ftp, telnet, > printing, and others listen for requests for services. You likely > didn't know that port 515 (port for printing local or network files) > is ripe for exploitation. > > You are at a crucial stage. If you don't learn this simple stuff, you > will be like those poor souls in Shakespeare, who, not catching the > tide at its flood, will wallow in the shallows, etc., at least as far > as security. > > For your own good, and for the good of your security, firewalls are > way too important to leave to magic security scripts. > You should know which other ports you have to protect, like 6000 > (your X server) and make sure to prevent unwanted people from > attaching to such services. I just edit my firewall using vi. It is > so simple that way. > ipchains-save > file > Edit the file > ipchains -F; cat file | ipchains-restore -f > Piece of cake. > Buy a book or read about firewalls. You have been warned. > In addition, if you want to arrange ipmasq or use nonstandard ports > for services (Say, to disguise your web page from your ISP which bans > such things), knowing about firewalls is essential. > Joel > ___ > http://linux.nf -- [EMAIL PROTECTED] > Archives, Subscribe, Unsubscribe, Digest, Etc > ->http://linux.nf/mailman/listinfo/linux-users -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Wil: Here's the info route -n returned: Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface 10.0.0.00.0.0.0 255.255.255.0 U 0 00 eth0 0.0.0.0 10.0.0.10.0.0.0 UG0 00 eth0 grc.com was not much help. First of all, I had to switch to windoze and a different firewall. They report my IP address as 10.0.0.2, and then gave me a boilerplate blurb about how IETF in their wisdom set aside a large block of addresses for internal network use (which was rather astute, and all very true, of course). Thanks. Regards, Glenn On Wednesday 05 September 2001 06:03, you wrote: > What is your gateway address? > > Also, This may be a bit cheesy, but what is the IP address that is > shown when you have your have your shields tested at www.grc.com? > > Regards, > > Wil McGilvery > Manager, Digital Media > > > Lynch Technologies Inc. > 416-744-7191 > 1-888-622-3729 > 416-744-0406 FAX > www.lynchdigital.com > > > > > > > > > -Original Message- > From: Bruce Marshall [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, September 04, 2001 3:08 PM > To: [EMAIL PROTECTED] > Subject: Re: Personal firewall > > On Tuesday 04 September 2001 02:58 pm, Glenn Williams wrote: > > Bruce: > > > > Sorry - I guess I neglected to mention - as of last Thursday I am > > on DSL - hot all the time. No dial-up or dial-on-demand. > > Well, I think then that the ISP has you on a local network. I am > pretty sure that 10.0.0.x is one of those 'non-routable' addresses > and therefore your box can't be accessed. > > Maybe someone else can give us a clue. > > > Anything else I should furnish? > > > > Regards, > > > > Glenn > > > > On Tuesday 04 September 2001 12:03, you wrote: > > > On Tuesday 04 September 2001 01:42 pm, Glenn Williams wrote: > > > > Hi, Bruce: > > > > > > > > Busy morning - later getting back to you. Here's the output of > > > > 'ifconfig' (long form): > > > > > > Well yes, but don't you dial up on the phone?? I would need > > > the ppp0 part of the ifconfig output. The 10.0.0.2 address > > > must be your local LAN address. > > > > > > > eth0 Link encap:Ethernet HWaddr 00:03:47:95:E1:B5 > > > > > > > > inet addr:10.0.0.2 Bcast:10.0.0.255 > > > > Mask:255.255.255.0 ^^^ > > > > inet6 addr: fe80::203:47ff:fe95:e1b5/10 Scope:Link > > > > inet6 addr: fe80::3:4795:e1b5/10 Scope:Link > > > > UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1 > > > > RX packets:72619 errors:0 dropped:0 overruns:0 > > > > frame:0 TX packets:8775 errors:0 dropped:0 overruns:0 carrier:0 > > > > collisions:0 txqueuelen:100 > > > > RX bytes:9553606 (9.1 Mb) TX bytes:1018790 (994.9 > > > > Kb) Interrupt:10 Base address:0xf000 > > > > > > > > Thanks. > > > > > > > > Regards, > > > > > > > > Glenn > > > > > > > > On Tuesday 04 September 2001 09:56, you wrote: > > > > > On Monday 03 September 2001 10:32 am, Glenn Williams wrote: > > > > > > Hi, Bruce: > > > > > > > > > > > > I appreciate the offer. However, my ISP uses a DHCP > > > > > > server, so I dunno how we could do that using my IP > > > > > > address. Cann one use the current dynamic address for that > > > > > > purpose? > > > > > > > > > > Yes... you would: > > > > > > > > > > 1) Connect up and stay connected. > > > > > > > > > > 2) Do an ifconfig to find your current IP address. > > > > > > > > > > 3) Send me email with same. > > > > > > > > > > 4) I run the scan. > > > > > > > > > > > > > > > > > > > > + > > > > > + + Bruce S. Marshall [EMAIL PROTECTED] > > > > > Bellaire, MI 09/04/01 11:56 + > > > > > + > > > > > + "Whenever I think of the past, it brings > > > > > back so many memories..." > > > > > ___ > > > > > http://linux.nf -- [EMAIL PROTECTED] > > > > > Archives, Subscribe, Unsubscribe, Digest, Etc > > > > > ->http://linux.nf/mailman/listinfo/linux-users -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Glenn Williams wrote: > grc.com was not much help. First of all, I had to switch to windoze > and a different firewall. They report my IP address as 10.0.0.2, and > then gave me a boilerplate blurb about how IETF in their wisdom set > aside a large block of addresses for internal network use (which was > rather astute, and all very true, of course). > > Thanks. IIRC, you downloaded and ran IP_agent. That does require windows to run, it's a windows program. grc.com offers a "Shields Up" scan that tells you you external IP address, the IP that the Internet sees. I just navigated to the shields up page from RedHat, https://grc.com/x/ne.dll?bh0bkyd2, running the scan is not OS-specific. On that screen, just navigate down past the "Free IP Agent" BS and click on the button for "Test My Shields!". There's also a button there for a minimal Port scan. No download of any software should be required. HTH, Tim ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Tuesday 04 September 2001 21:30 pm, Glenn Williams wrote: > I'm using the SuSE 7.2 Pro "personal firewall" which is > non-configurable. It's either enabled or disabled, and that's about > it. However, there's a SuSE Firewall that ships with this distro, and > it is *very* configurable. So I will examine that with deeper scrutiny. Are you talking about SuSEfirewall2 ?? It seems pretty good. -- ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/05/01 10:57 + ++ "All the world's a stage and the people on it are poorly rehearsed." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Wednesday 05 September 2001 08:58, you wrote: > On Tuesday 04 September 2001 21:30 pm, Glenn Williams wrote: > > I'm using the SuSE 7.2 Pro "personal firewall" which is > > non-configurable. It's either enabled or disabled, and that's > > about it. However, there's a SuSE Firewall that ships with this > > distro, and it is *very* configurable. So I will examine that with > > deeper scrutiny. > > Are you talking about SuSEfirewall2 ?? It seems pretty good. Yep, that's the one. SuSE ships two firewalls - "personal firewall" which I'm using now, and the configurable SuSEFirewall, which I will probably switch to in the future when I am somewhat more knowledgeable, i.e. 5 or 10 years. 73 de Glenn -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Thanks, Tim: Obviously I did not read the info on the grc site carefully. I'll give that a try. Regards, Glenn On Wednesday 05 September 2001 08:57, you wrote: > Glenn Williams wrote: > > > > > grc.com was not much help. First of all, I had to switch to > > windoze and a different firewall. They report my IP address as > > 10.0.0.2, and then gave me a boilerplate blurb about how IETF in > > their wisdom set aside a large block of addresses for internal > > network use (which was rather astute, and all very true, of > > course). > > > > Thanks. > > > > > IIRC, you downloaded and ran IP_agent. That does require windows to > run, it's a windows program. grc.com offers a "Shields Up" scan that > tells you you external IP address, the IP that the Internet sees. I > just navigated to the shields up page from RedHat, > https://grc.com/x/ne.dll?bh0bkyd2, running the scan is not > OS-specific. > > On that screen, just navigate down past the "Free IP Agent" BS and > click on the button for "Test My Shields!". There's also a button > there for a minimal Port scan. > > > No download of any software should be required. > > > HTH, > Tim > > > > > ___ > http://linux.nf -- [EMAIL PROTECTED] > Archives, Subscribe, Unsubscribe, Digest, Etc > ->http://linux.nf/mailman/listinfo/linux-users -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Tuesday 04 September 2001 11:28 am, Glenn Williams wrote: > On Wednesday 05 September 2001 08:58, you wrote: > > On Tuesday 04 September 2001 21:30 pm, Glenn Williams wrote: > > > I'm using the SuSE 7.2 Pro "personal firewall" which is > > > non-configurable. It's either enabled or disabled, and that's > > > about it. However, there's a SuSE Firewall that ships with this > > > distro, and it is *very* configurable. So I will examine that with > > > deeper scrutiny. > > > > Are you talking about SuSEfirewall2 ?? It seems pretty good. > > Yep, that's the one. SuSE ships two firewalls - "personal firewall" > which I'm using now, and the configurable SuSEFirewall, which I will > probably switch to in the future when I am somewhat more knowledgeable, > i.e. 5 or 10 years. > Firewall2 is on a special site. It is different than SuSEfirewall (don't have the site handy) > 73 de Glenn -- ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/05/01 11:51 + ++ "Mind like a steel trap - rusty and illegal in 37 states." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
On Tuesday 04 September 2001 11:30 am, Glenn Williams wrote: > Thanks, Tim: > > Obviously I did not read the info on the grc site carefully. I'll give > that a try. > > Regards, > > Glenn > Here's your NMAP scan: Starting nmap V. 2.53 by [EMAIL PROTECTED] ( www.insecure.org/nmap/ ) RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 Interesting ports on (66.55.21.94): (The 1522 ports scanned but not shown below are in state: filtered) Port State Service 23/tcp opentelnet Nmap run completed -- 1 IP address (1 host up) scanned in 2228 seconds One port open... and just the port you don't want open. And here's what I got when I tried to telnet to it: bmarsh@linux1:~ > telnet xxx.xx.21.94 Trying xxx.xx.21.94... Connected to xxx.xx.21.94. Escape character is '^]'. User Access Verification Password:* Password:** Password: Didn't ask for a userid so maybe this is your router responding and it just needs a password. In any event, looks like your pretty well protected. ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/05/01 12:20 + ++ Murphy's Eighth Corollary: "It is impossible to make anything foolproof because fools are so ingenious." ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Bruce: Thanks for the scan and analysis. I found a couple of my old books on TCP/IP (published in '91 and '92 respectively), but could not find the one called 'Internet Security and Firewalls' so I will be browsing amazon.com for something along those lines. If anyone has a favorite title or recommendation, I'd like to hear it while I'm in a browsing mode. Best regards, Glenn On Wednesday 05 September 2001 10:23, you wrote: > On Tuesday 04 September 2001 11:30 am, Glenn Williams wrote: > > Thanks, Tim: > > > > Obviously I did not read the info on the grc site carefully. I'll > > give that a try. > > > > Regards, > > > > Glenn > > Here's your NMAP scan: > > Starting nmap V. 2.53 by [EMAIL PROTECTED] ( www.insecure.org/nmap/ > ) RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 > Interesting ports on (66.55.21.94): > (The 1522 ports scanned but not shown below are in state: filtered) > Port State Service > 23/tcp opentelnet > > Nmap run completed -- 1 IP address (1 host up) scanned in 2228 > seconds > > > One port open... and just the port you don't want open. > > And here's what I got when I tried to telnet to it: > > bmarsh@linux1:~ > telnet xxx.xx.21.94 > Trying xxx.xx.21.94... > Connected to xxx.xx.21.94. > Escape character is '^]'. > > > User Access Verification > Password:* > Password:** > Password: > > > Didn't ask for a userid so maybe this is your router responding and > it just needs a password. > > In any event, looks like your pretty well protected. > > + >+ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI > 09/05/01 12:20 + > + >+ Murphy's Eighth Corollary: >"It is impossible to make anything foolproof because fools > are so ingenious." > ___ > http://linux.nf -- [EMAIL PROTECTED] > Archives, Subscribe, Unsubscribe, Digest, Etc > ->http://linux.nf/mailman/listinfo/linux-users -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Thought you might want to make a note of this site: http://www.whatismyip.com/ ++ + Bruce S. Marshall [EMAIL PROTECTED] Bellaire, MI 09/06/01 11:29 + ++ "Books are good enough in their own way, but they are a mighty bloodless substitute for life." - Robert Louis Stevenson ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users
Re: Personal firewall
Very cool, Bruce: Thanks for posting this. I have it bookmarked. 73 de Glenn On Thursday 06 September 2001 09:30, you wrote: > Thought you might want to make a note of this site: > > > http://www.whatismyip.com/ > -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User #135678 Powered by SuSE 7.2 Linux Professional ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc ->http://linux.nf/mailman/listinfo/linux-users