Re: [newbie] bastille logs
On Friday 12 April 2002 12:35, Jay opened a general hailing frequency and transmitted to all open stations: lemme rephrase, i know what services it is blocking, i want to see what attempts it is loggiong as blocking. anyone know a good log monitoring tool? picking through all those log files sucks. -- Help Microsoft stamp out piracy. Give Linux to a friend today. shane Profile at: http://dmoz.org/profiles/shen.html Proud to be a DMOZ editor since 10-98 Mandrake Users Club Member http://www.linux-mandrake.com/en/club/ Registered linux user #101606 http://counter.li.org/ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] bastille logs
On Friday 12 April 2002 9:39 pm, shane wrote: On Friday 12 April 2002 12:35, Jay opened a general hailing frequency and transmitted to all open stations: lemme rephrase, i know what services it is blocking, i want to see what attempts it is loggiong as blocking. anyone know a good log monitoring tool? picking through all those log files sucks. LogcheckIt will go though all your logs and e-mail you with any suspicious activity derek Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille DrakGW and logs
On Wed, 27 Feb 2002 09:28:22 -0800 (PST) Paul Rodriguez [EMAIL PROTECTED] studiouisly spake these words to ponder: I asked this before, but I am still confused on this. I set up internet connection sharing with DrakGW, and set up a firewall on the gateway with Bastille. But when I run Bastille manually I get the following and it seems to mess up some stuff untill I run DrakGW again. - Paul Rodriguez Enabling Mandrake Internet Connection sharing If you would like to use Bastille's masquerading support instead, edit /etc/Bastille/bastille-firewall.cfg (especially the IP_MASQ_NETWORK setting) and run /etc/rc.d/init.d/bastille-firewall start to use Bastille's masquerading/connection sharing rules. WARNING: to allow the caching DNS server in Mandrake's Internet Connection Sharing system to work, we are adding DNS to the list of public UDP and TCP services Setting up IP spoofing protection... done. Allowing traffic from trusted interfaces... done. Setting up chains for public/internal interface traffic... done. Setting up general rules... done. Setting up outbound rules... done. Paul, While I'm a bit confused about what you're asking here the above info from Bastille when you start the firewall is normal and lets you know that things are working correctly. What exactly are you having trouble with? Its a bit unclear to me what DrakGW is exactly. -- daRcmaTTeR - Registered Linux User 182496 - 8:05am up 12:16, 2 users, load average: 0.54, 0.36, 0.19 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] bastille and drakgw (gateway)
On 09 Feb 2002 11:14:37 -0500 Paul Rodríguez [EMAIL PROTECTED] studiouisly spake these words to ponder: How do I set up a firewall on my gateway which I setup via drakgw? - Paul Rodriguez Paul, To get your firewall going use Tiny Firewall in Mandrake Control Center. This will get Bastille-firewall going with a basic, but adequate configuration. you will want to then tweak the rules sets later if you're using this on a network gateway. If you need help or pointers for this write me off list and we can hash it out. -- daRcmaTTeR - Registered Linux User 182496 - 8:05am up 6 days, 2 min, 2 users, load average: 0.79, 0.39, 0.30 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
RE: [newbie] bastille and gateway
Hi, Bastille is a collection of perl scrits that configure your iptabels. These iptables are realy doing the job, filtering incomming and outgoing data according to the rules the Bastille scripts put in. At startup the Bastille scripts are started, but you need also start iptables at boot. You can configure the Bastille settings manualy in the file /etc/Bastille/bastille-firewall.cfg and you can start/stop/restart Bastille and iptables with the command /etc/rc.d/init.d/bastille-firewall [start|stop|restart]. You can check the settings of the iptables with the command iptables -L. Good luck, Jeroen v.d. Westelaken -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Namens Paul Rodríguez Verzonden: zaterdag 9 februari 2002 3:20 Aan: newbie Onderwerp: [newbie] bastille and gateway Hi, when I set up my gateway via drakgw (Mandrake Control Center) it seems to do something funky with bastille? What exactly is happening, is bastille turned off when drakgw starts working? How do I get them to play nice? - Paul Rodriguez _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] bastille and drakgw (gateway)
How do I set up a firewall on my gateway which I setup via drakgw? - Paul Rodriguez _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] bastille and gateway
Hi, when I set up my gateway via drakgw (Mandrake Control Center) it seems to do something funky with bastille? What exactly is happening, is bastille turned off when drakgw starts working? How do I get them to play nice? - Paul Rodriguez _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Bastille in LM 7.0?
My installation runs LM 7.0. I've been reading previous mails from newbie and expert lists and think Bastille will solve my firewall and redirection problems. I'vebeen already advise to move into LM 8.1, but since this is a rather key installation want to make sure that there is no way to install Bastille on LM 7.0. If this is possible, where to download it. Thanks, Mario.
[newbie] Bastille firewall log
I am running Mandrake 8.1 and dual booting with WinME (temporarily, I hope). I am on a cable modem and I run the Zone Alarm Pro firewall in windows. ZA logs all attempts to access my machine in a text log. I opted to install the Bastille firewall in Mandrake 8.1 and it works very well as I have had GRC.com's Shields Up probe my machine and it reports all ports in stealth. I have looked for a log from Bastille, but I cannot find any mention of it in the docs so far. Can anyone on this list point me in the right direction? Must logging be enabled in the default install of Bastille? If so, how? Thanks, Jim Gentry Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille error
Todd Slater wrote: When I try to run Interactive Bastille I get the following error: Using Tk user interface module. Only displaying questions relevant to the current configuration. Can't locate Bastille_Tk.pm in @INC (@INC contains: /usr/lib /usr/lib/perl5/5.6.1/i386-linux /usr/lib/perl5/5.6.1 /usr/lib/perl5/site_perl/5.6.1/i386-linux /usr/lib/perl5/site_perl/5.6.1 /usr/lib/perl5/site_perl /usr/lib/perl5/site_perl/ /usr/lib/Bastille) at /usr/sbin/InteractiveBastille line 276. Would one of you kind souls know how to resolve this? Todd Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Install Bastille_Tk Use the software manager and the flat list and look at Installables Civileme Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille error FIXED
On Monday 14 January 2002 08:58 pm, you wrote: When I try to run Interactive Bastille I get the following error: Using Tk user interface module. Only displaying questions relevant to the current configuration. Can't locate Bastille_Tk.pm in @INC (@INC contains: /usr/lib /usr/lib/perl5/5.6.1/i386-linux /usr/lib/perl5/5.6.1 /usr/lib/perl5/site_perl/5.6.1/i386-linux /usr/lib/perl5/site_perl/5.6.1 /usr/lib/perl5/site_perl /usr/lib/perl5/site_perl/ /usr/lib/Bastille) at /usr/sbin/InteractiveBastille line 276. Install Bastille_Tk Use the software manager and the flat list and look at Installables Civileme That did it, thanks! Now, if I only knew what all of that is about. Todd Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille error
At 08:37 PM 1/14/2002 -0500, Todd Slater wrote: When I try to run Interactive Bastille I get the following error: Using Tk user interface module. Only displaying questions relevant to the current configuration. Can't locate Bastille_Tk.pm in @INC (@INC contains: /usr/lib /usr/lib/perl5/5.6.1/i386-linux /usr/lib/perl5/5.6.1 /usr/lib/perl5/site_perl/5.6.1/i386-linux /usr/lib/perl5/site_perl/5.6.1 /usr/lib/perl5/site_perl /usr/lib/perl5/site_perl/ /usr/lib/Bastille) at /usr/sbin/InteractiveBastille line 276. Would one of you kind souls know how to resolve this? You need to install the Bastille_Tk.pm RPM from one of the installation CD's. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Bastille and cable modem
Hello all, I have lm8.0 running as a logon and print server. I had Bastille configured and running ok sharing my dial up connection, but since I had cable connected last week, everything works ok EXCEPT for internet sharing. I have the cable modem on.eth0 and the LAN on eth1. I have tried everything I can think off to o avil. I presume it is just a setting in bsille.conf, any ideas? Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille
Thanks to Skinky Dennis, I've now used InteractiveBastille and checked www.grc.com and all ports show as closed. A stealth scan at sygate shows all ports blocked except the following so it would appear to be working (or nearly). FTP 21 CLOSED SSH 22 CLOSED SMTP 25 CLOSEDDNS 53 CLOSED WEB 80 CLOSED HTTPS 443 CLOSED On Tuesday 11 December 2001 02:12 am, you wrote: On Tuesday 11 December 2001 04:40, poogle wrote: | I have iptables installed, all the Bastille packages and used | BastilleChooser rather than baffle myself with InteractiveBastille, done | a stealth scan at http://scan.sygatetech.com which shows ports as | closed rather than stealth, I understand from previous posts that if | Bastille is running properly that ports should show as stealth, can | someone tell me where I've gone wrong please ? | -- IIRC the Sygatech port scans should show as blocked if your computer is to be invisible to the internet. Try Shields Up at www.grc.com - that will show your ports as being in stealth or closed mode. If that shows as closed something's wrong which I can't help you with because I use Tiny Firewall (in mcc) but hopefully someone else can help you. skinky -- Poogle Registered Linux user 182657 (added to sig for the benefit of those irritated by it) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Bastille
I have iptables installed, all the Bastille packages and used BastilleChooser rather than baffle myself with InteractiveBastille, done a stealth scan at http://scan.sygatetech.com which shows ports as closed rather than stealth, I understand from previous posts that if Bastille is running properly that ports should show as stealth, can someone tell me where I've gone wrong please ? -- Poogle Registered Linux user 182657 (added to sig for the benefit of those irritated by it) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille
On Monday 10 December 2001 10:40, you wrote: I have iptables installed, all the Bastille packages and used BastilleChooser rather than baffle myself with InteractiveBastille, done a stealth scan at http://scan.sygatetech.com which shows ports as closed rather than stealth, I understand from previous posts that if Bastille is running properly that ports should show as stealth, can someone tell me where I've gone wrong please ? -- Poogle Registered Linux user 182657 (added to sig for the benefit of those irritated by it) You probably don't have it locked down tight enough with the defaults. Try as root or su going to /sbin and typing in InteractiveBastille and running through the install gui that way. You can be in KDE or Gnome to do it. If you do it this way do not choose file limits yes as it will stop your ability to do a su from a user console. There is an error in the scripts for security.config that makes the su not work. Bastille works very well for me and it is not too difficult to set up, if you have questions, come back to the list or email me at [EMAIL PROTECTED] . -- Dennis M. registered linux user # 180842 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille
On Tuesday 11 December 2001 04:40, poogle wrote: | I have iptables installed, all the Bastille packages and used | BastilleChooser rather than baffle myself with InteractiveBastille, done | a stealth scan at http://scan.sygatetech.com which shows ports as | closed rather than stealth, I understand from previous posts that if | Bastille is running properly that ports should show as stealth, can | someone tell me where I've gone wrong please ? | -- IIRC the Sygatech port scans should show as blocked if your computer is to be invisible to the internet. Try Shields Up at www.grc.com - that will show your ports as being in stealth or closed mode. If that shows as closed something's wrong which I can't help you with because I use Tiny Firewall (in mcc) but hopefully someone else can help you. skinky -- But what ... is it good for? (Engineer at the Advanced Computing Systems Division of IBM, 1968, commenting on the microchip) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille
On Monday 10 December 2001 22:01, you wrote: I still don't consider ths a bug, I can get into the machine form any where I choose, if I set it up to not allow me in as root via network or virutual console (ALT+CTRL+f4) or SU. still works, just won't let a 'root user in the wrong door. but I choose the doors to lock. Actually it isn't so much of a bug as an error in coding. The value in the file is 10 and should be 100. Oh, the file is /etc/security/limits.conf so if you choose yes for file limits in the Bastille install it will have the wrong size for a user, and must be changed by adding one or two zeros. This then still serves to limit the ability for a cracker to use the machine in DDOS attacks. At least that was what I gleaned from the Bastille mail list during the process of developing the current stable package. Just a piece of info that I find interesting cause it causes a problem and the developers have never fixed it that I know of. -- Dennis M. registered linux user # 180842 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] bastille anyone?
Hi i get the following errors after doing a bastille-firewall-reset: # bastille-firewall-reset Setting up IP spoofing protection... done. Allowing traffic from trusted interfaces... done. Loading NAT modules... done. Setting up masquerading rules... done. Loading masquerading modules...insmod: ip_nat_raudio: no module by that name found Error loading ip_nat_raudio module insmod: ip_nat_vdolive: no module by that name found Error loading ip_nat_vdolive module insmod: ip_nat_cuseeme: no module by that name found Error loading ip_nat_cuseeme module insmod: ip_nat_quake: no module by that name found Error loading ip_nat_quake module done. Setting up chains for public/internal interface traffic... done. Setting up general rules...iptables v1.2.2: invalid TCP port/service `linuxconf' specified Try `iptables -h' or 'iptables --help' for more information. done. Setting up outbound rules... done. The firewall works and is rocksolid but those masquerading modules where are they ? What packet do i have to install to have them available ? I need to use dcc/irc and the realplayer doesnt work either Specs: Mandrake 8.1 unmodified on the firewall Mandrake 8.1 using kernel 2.4.13 (running great!) and kde2.2.2 on an internal workstation (realplay doesnt work, either because of the missing masq. modules or because of kde2.2.2 you tell me=)) Thanks Florian -- - POWERED BY LINUX - Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] bastille and distributed file sharing (gnutella)
Hi, I need some help safely connecting to some file sharing networks. I use Bastille and I'd like to connect to Gnutella (using gtk-gnutella). As it stands I can connect search and download fine, but I can't seem to share my files. How can I open up a connection safely? I'm hesitant to just choose a port to leave open, is there a secure way to do this? -Paul Rodríguez _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Bastille and dhcp
Hello all, Still trying to get Bastille configured correctly. Does any one know what I have to change in the Bastille configuration to allow dhcp to serve ip addresses to my win98 clients? dhcp works ok until I start Bastille. Colin Jenkins ICQ: 650611 registered linux user 223862 Let's put the blame where it belongs: On somebody else. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Bastille and dhcp
Hello all, I was wondering if anyone can 'walk' me though seting up Bastille in lm8.0. My problem is, that if I run InteractiveBastille, my windows boxes no longer get an ip address. I played with the bastille config file, but then internet sharing stopped. It seems I can have either a firewall or dhcp and internet sharing, but not both. I noticed after running bastille and reebooting, I got an error like Ip virtual server could not open /proc/net/ip_masq/vs file. I have iptables installed but Mandrake Control center says ipchains and iptables are stopped. is that normal? Colin Jenkins ICQ: 650611 registered linux user 223862 Politics. From the greek poly, meaning many, and ticks, a small, annoying bloodsucker. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] bastille and irc
I'm sure this has been covered before, I appologize for that. But I cannot connect to IRC through my Bastille Firewall (mostly default settings). What parameters effect being able to connect to an IRC host? Thanks a lot for your help. -Paul Rodríguez _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] bastille and irc [resolved]
How embarrassing. Issue resolved. It was my fault, no firewall problem. -Paul Rodríguez On Mon, 2001-10-22 at 12:44, Paul Rodríguez wrote: I'm sure this has been covered before, I appologize for that. But I cannot connect to IRC through my Bastille Firewall (mostly default settings). What parameters effect being able to connect to an IRC host? Thanks a lot for your help. -Paul Rodríguez _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com =_1003769107-1734-2130 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] bastille and irc
In reply to Paul Rodríguez's words, written 22 Oct 2001 12:44:26 -0400 You should open port 6667 and sometimes also 6668 and 7000. I'm sure this has been covered before, I appologize for that. But I cannot connect to IRC through my Bastille Firewall (mostly default settings). What parameters effect being able to connect to an IRC host? -- If you drink to forget Please pay in advance (found in bar in Wisconsin) http://nlpagan.net - Registered Linux User 174403 Linux Mandrake 8.0 - Sylpheed 0.6.3 claws Open Source, Open Minds. Linux. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] bastille and irc [resolved]
In reply to Paul's words, written 22 Oct 2001 12:59:31 -0400 How embarrassing. Issue resolved. It was my fault, no firewall problem. No worries. it is embarrassing when you have the answer in hand and still can't fix it. ;) Paul -- If you drink to forget Please pay in advance (found in bar in Wisconsin) http://nlpagan.net - Registered Linux User 174403 Linux Mandrake 8.0 - Sylpheed 0.6.3 claws Open Source, Open Minds. Linux. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille Firewall pop-3
Thanks, I think it was causing me trouble because of the mispelling. :) -Paul Rodríguez On Fri, 2001-10-19 at 06:46, Paul wrote: In reply to Paul Rodriguez's words, written Thu, 18 Oct 2001 19:22:34 -0700 (PDT) How important is adding pop-3 to the list of TCP services to audit in InteractiveBastille? It would be pop3, and if you don't allow that to go through, you won't be able to get mail from a pop3 server. If you only do webmail that would be fine. Paul -- This message has been ROT-13 encrypted twice for higher security. http://nlpagan.net - Registered Linux User 174403 Linux Mandrake 8.0 - Sylpheed 0.6.3 Open Source, Open Minds. Linux. =_1003467146-1734-1436 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille Firewall pop-3
In reply to Paul Rodriguez's words, written Thu, 18 Oct 2001 19:22:34 -0700 (PDT) How important is adding pop-3 to the list of TCP services to audit in InteractiveBastille? It would be pop3, and if you don't allow that to go through, you won't be able to get mail from a pop3 server. If you only do webmail that would be fine. Paul -- This message has been ROT-13 encrypted twice for higher security. http://nlpagan.net - Registered Linux User 174403 Linux Mandrake 8.0 - Sylpheed 0.6.3 Open Source, Open Minds. Linux. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Bastille Firewall pop-3
How important is adding pop-3 to the list of TCP services to audit in InteractiveBastille? -Paul Rodríguez __ Do You Yahoo!? Make a great connection at Yahoo! Personals. http://personals.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Bastille adventure
Hello: Setting up the bastille firewall is turning into an adventure. Although I pretty much having it do what I want, there are some nagging issues I am hoping somebody can assist me. 1. Background info: Running LM8.0 in a dell 4100 series pc using an 800 mhz pIII processor with 384meg of RAM. 2. Most annoying: I keep loosing my lan connection to my win box. I will have everything running (meaning my lan, the firewall, and my internet connection) pretty good. I will then walk away from the computer, and come back, say an hour later. When I return, I can no longer access the c drive in my win box. If I try, I get a input/output error. To get it back, I must shut down the firewall, unmount and remount the c drive and restart the firewall (by firewall I mean Bastille). FWIW, I don't loose my samba connection. I suspect the firewall, because if the firewall is down, and I leave for 2 hours or more, the network is just fine when I return. I have checked the bastille-firewall.cfg file and I don't see anything involving some kind of network time out variable. Could it be related to one of the icmp variables? 3. Not so annoying: Thekernel modules to masquerade option in InteractiveBastille has the default setting of ftp raudio vdolive. To the list I added irc. When I load bastille-firewall I get the error messages could not find ip_nat_raudio and ip_nat_vdolive. I searched in my system for both files (used the command find / ip_nat_raudio* -print) and I could not find them. Any ideas where they might be? Either in my system or on some web page? I assume ip_nat_raudio is for realplayer. I have been able to do a workaround by dedicating a couple of ports to real player. Imho, it is not the best solution, but it should do until I am able to find the nat file for it. I have no idea what is vdolive? Again, if somebody can suggest where I might find it, I would appreciate it. 4. Not annoying but still: I use IRC and in order for the servers to identify my client, I must leave port 113 open. Is there a way where I can shut down the port after the server has identified my client? I had to install identd in my system for the i.d. process to work properly. Thanks in advance Dexter Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille-related problem: can't log in as su . . .
On Saturday 22 September 2001 01:57, you wrote: On Fri, 21 Sep 2001 22:16:57 -0700, WCBaker [EMAIL PROTECTED] wrote: Hi! I used InteractiveBastille. Subsequently I could not go into a terminal in a non-root account and log in as su. As soon as I enter the correct password I get the message File size limit exceeded. I don't think that the log files could be so big (I only re-installed a few days ago and have not been on the system much) Also, when I returned to Interactive-Bastille in another session, to reset some options, there seemed to be no effect. . . Is there something like a Bastille-reload? I'm clearly clobbering myself but I'm not sure how. Cheers! -warren I can't remember the exact answer, but I know that this has been brought up on the list several times. Try searching the list archives. Content-Type: text/plain; charset=us-ascii; name=message.footer Content-Transfer-Encoding: 8bit Content-Description: Pauls answer is the right one. This is a bug or feature that has not been corrected even in the final release as far as I can tell. So, try rerunning InteractiveBastille and select no for the file size limits. This was put in, by the way to eliminate the possiblity of the computer being taken over to use as part of a DDOS attack. It kinda messes things up a bit. HTH -- Dennis M. registered linux user # 180842 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
RE: [newbie] Bastille firewall
Did you choose the option in setting up Bastille that said Disable SUID for floppy or mount and unmount or some something like that? -Paul Rodríguez On 19 Sep 2001 00:11:53 -0400, Vinh N. Pham wrote: Thank you, I know it works now. And as a result, my cdrom and floppy disk do not work anymore. I can still read the Windows partition though. Do you know how I can fix this problem? Thanks, Vinh N. Pham -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Paul Rodríguez Sent: Tuesday, September 18, 2001 8:43 PM To: [EMAIL PROTECTED] Subject: Re: [newbie] Bastille firewall As root run logview, also accessible from the menu at Applicaions Monitoring System Log Viewer. Not sure about a write-as-you-go firewall scripter like ZoneAlarm. -Paul Rodríguez On 18 Sep 2001 11:35:39 -0400, Vinh N. Pham wrote: How can I know whether my Bastille filewall is working at all. I can't find any process when I do a ps aux that name bastille. Seem to me (through what I see in the interactive setup) that Bastille only block certain service Is there anything similar to ZoneLabs in Window where I can approve or not base on certain application? Thanks, Vinh N. Pham =_1000827276-7607-4519 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com =_1000872671-779-47 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille-related problem: can't log in as su . . .
Hi! I used InteractiveBastille. Subsequently I could not go into a terminal in a non-root account and log in as su. As soon as I enter the correct password I get the message File size limit exceeded. I don't think that the log files could be so big (I only re-installed a few days ago and have not been on the system much) Also, when I returned to Interactive-Bastille in another session, to reset some options, there seemed to be no effect. . . Is there something like a Bastille-reload? I'm clearly clobbering myself but I'm not sure how. Cheers! -warren Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille-related problem: can't log in as su . . .
The file size limit you are experiencing is a result of an option you set Would you like to put limits on system resource usage? In the past I have had to choose no in order to avoid the issue you are experiencing. -Paul Rodríguez On 21 Sep 2001 22:16:57 -0700, WCBaker wrote: Hi! I used InteractiveBastille. Subsequently I could not go into a terminal in a non-root account and log in as su. As soon as I enter the correct password I get the message File size limit exceeded. I don't think that the log files could be so big (I only re-installed a few days ago and have not been on the system much) Also, when I returned to Interactive-Bastille in another session, to reset some options, there seemed to be no effect. . . Is there something like a Bastille-reload? I'm clearly clobbering myself but I'm not sure how. Cheers! -warren =_1001135832-779-846 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Bastille firewall
How can I know whether my Bastille filewall is working at all. I can't find any process when I do a ps aux that name bastille. Seem to me (through what I see in the interactive setup) that Bastille only block certain service Is there anything similar to ZoneLabs in Window where I can approve or not base on certain application? Thanks, Vinh N. Pham Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Bastille firewall
In reply to Vinh's words, written Tue, 18 Sep 2001 11:35:39 -0400 Bastille is a frontend to configure iptables. If things are working you can tell by going su and running iptables -L (capital l!) Paul How can I know whether my Bastille filewall is working at all. I can't find any process when I do a ps aux that name bastille. Seem to me (through what I see in the interactive setup) that Bastille only block certain service Is there anything similar to ZoneLabs in Window where I can approve or not base on certain application? Thanks, Vinh N. Pham -- Avoid cliches like the plague http://nlpagan.net - Registered Linux User 174403 Linux Mandrake 8.0 - Sylpheed 0.6.2 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Bastille
Hello All, On my home LAN, I have set up LM8 on a p166 with 80M ram. I use it for internet sharing, print sharing and domain logon. (samba, DHCP) apache I installed InteractiveBastille last night, but security is just a little tight. My windows boxes could not log on ping or print, but could share the web. I ended up in removing Bastille. Is what I am trying to do not possible on one box, or is there a way of having security, but still allowing logons etc? Colin Jenkins ICQ: 650611 registered linux user 223862 Eschew obfuscation. Want to buy your Pack or Services from MandrakeSoft? Go to http://.mandrakestore.com
[newbie] Bastille
Hi folks, Just got my firewall up with interactive bastille. I only have a small problem: it is too good! When the firewall is up, I don't get any SMTP mail from my provider anymore. So I have to go in with fetchmail or shut down the firewall. Can someone point me to the proper setting that I have to allow? I assume it is enabling the SMTP port but I don't recall what it is. Was it 25? Paul -- The biggest mistake is believing that there is one right way to listen, to talk, to have a conversation - or a relationship. -Deborah Tannen http://nlpagan.net - Registered Linux User 174403 Linux Mandrake 8.0 - Sylpheed 0.5.2 ** http://www.care2.com - when you care **
[newbie] Bastille solved
Okay folks, already got it. I only had to allow 'smtp', no need to futz with port numbers. Paul -- The biggest mistake is believing that there is one right way to listen, to talk, to have a conversation - or a relationship. -Deborah Tannen http://nlpagan.net - Registered Linux User 174403 Linux Mandrake 8.0 - Sylpheed 0.5.2 ** http://www.care2.com - when you care **
[newbie] Bastille-firewall hangs on startup
I installed Mandrake 8.0 about a week ago and a couple of days ago after a system crash it started showing problems when the system starts up. I get all the way through the boot and the initial startup to the point where the default console mode login displays; then the system tries to start Bastille-firewall and hangs at that point. Any ideas? Thanks Steve Lewis
[newbie] Bastille?
Once Bastille is installed, what is the executable name?! -- Leif Madsen 'There are two possibilities. Maybe we're alone. Maybe we're not. Both are equally frightening.' [Attributed to either Bertrand Russell or Isaac Asimov]
[newbie] Bastille, browse only as root
I reinstalled Mandrake 8, straight out of he box i installed roaring penguin's pppoe version 3. Worked fine. Later I ran InteractiveBastille, configured my system securiy. For some reason i can browse sites as root, but as user I can only browse by ip address. I tried stopping Batille, and also stopping it from starting up at boot, no change. What's up with this? Can I change this? -Paul R
[newbie] Bastille and no root for you
I remember seeing this post a while back and thought nothing of it other than that stinks. Well I installed Bastille myself and I have the same problem. I can't log in as root. At the graphical login screen, everything looks normal. I can log in to my user account, no problem. I can su to root, get into drakconfig, and all that other good stuff. But, when I try to use the graphical login screen to log in as root, I get a login failed message as if I were typing in the wrong password. But, it's not the wrong password and the right one works everywhere else. Bastille was the only thing I installed between the last time I went in as root and now. I attempted going through all the rules for Bastille and changing all the ones that seemed likely to affect the login attempt. My thoughts right now are to uninstall Bastille and see if that works, but I'm not familiar with doing packages thru the console. If that doesn't work, I'll reinstall mandrake :^( But I come to the list for help so that I may avoid reinstalling. Anyone have anything that can help? Thanks, Hans -Cut- From: Duke Glover Subject: [newbie] Can't log in to root account Date: Mon, 16 Oct 2000 14:46:00 -0700 Hello Linux gods, Mandrake Linux 7.0 I made the mistake of running Bastille Linux 1.1.0 on my machine. Anyway, ever since I rebooted I can no longer login to the root account. Does anyone know a way around this ? Without root access I can't do anything. There may be a uninstall/undo in /root/Bastille/ , but I can't even get into that directory. Please help. How can I reset a root password without root access ? Duke Glover [EMAIL PROTECTED]
Re: [newbie] Bastille and no root for you
Hans N. wrote: At the graphical login screen, everything looks normal. I can log in to my user account, no problem. I can su to root, get into drakconfig, and all that other good stuff. But, when I try to use the graphical login screen to log in as root, I get a login failed message as if I were typing in the wrong password. But, it's not the wrong password and the right one works Security is what Bastille is all about. How do you enforce security? Force someone to have a regular account and only give them the ability to su to root if absolutely necessary. This is a security driven feature, not a bug. Also a general philosophy: you should do as little as possible as the root user. You should only become root when you need to do administrative things such as change a configuration file for a service and stop/start/restart services. By forcing you to not use root carelessly, the installation is preventing disasters like rm -rf * /. Notice the extra space between the * and the /. This will cause it to first delete all files in the current directory, then begin a recursive delete of the root directory. Whereas if you were to try to execute this command as a regular user, you would only destroy your home directory and the root directory would be a long string of permission denied messages. I personally can't stand it when someone says its for your own good, but this is just such a case. Once you gain experience and understand the many differences between the permissions controlled regular users and the almost unlimited power of the super user (root), you'll be able to safely use its power. -- tlyons at mandrakesoft dot com http://www.linux-mandrake.com/en