Re: [newbie] Network Firewall Question
On Tue, 8 Aug 2000, Steve Weltman wrote: Still having some trouble getting the IP-Masq'ing done from one interface to another. Let me know if there's any finepoints that I need to know. Thanks!! Hi Steve, I am sorry, I can't help you with IP masq'ing, I don't use it... Good luck finding out though! Paul -- God must love crazy people: he made SO MANY of them! )0([[EMAIL PROTECTED]])0( http://nlpagan.net - ICQ 147208 Registered Linux User 174403 -=PINE 4.21+Linux Mandrake 7.1=-
Re: [newbie] Network Firewall Question
How mau interfaces are you masquing inside? There's a wonderful script, although I have seen one or two people have some trouble with it here (linux-mandrake), called pmfirewall... you can get it at www.pointman.org It will scrpt all the ipchains rule you need for opening/closing outside services, and for masquing internal interfaces. You can customise it as well. I don't know quite how it behaves under a "high" or "paranoid" secure install of MDK, though (my firewall is RedHat 6.2). You do need to carefully configure your clients with IP, subnetmask, gateway, and DNS if you're not runnig a dhcp server off the firewall. If you're still having trouble with the ipchains rules and masquing, you might give it a try. you can always remove it if you don't like it. --Greg On Tue, 8 Aug 2000, Steve Weltman wrote: Still having some trouble getting the IP-Masq'ing done from one interface to another. Let me know if there's any finepoints that I need to know. Thanks!! __ message envoye depuis http://www.ifrance.com emails (pop)-sites persos (espace illimite)-agenda-favoris (bookmarks)-forums Ecoutez ce message par tel ! : 08 92 68 92 15 (france uniquement)
Re: [newbie] Network Firewall Question
Hi Paul... I just got on the mailing list of the PMFirewall. I will look at the software as well. Still having some trouble getting the IP-Masq'ing done from one interface to another. Let me know if there's any finepoints that I need to know. Thanks!! Steve Weltman - Original Message - From: "Paul" [EMAIL PROTECTED] To: "Renaud OLGIATI" [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Saturday, August 05, 2000 4:46 PM Subject: Re: [newbie] Network Firewall Question On Thu, 3 Aug 2000, Renaud OLGIATI wrote: On Sat, 29 Jul 2000, Steve Weltman wrote: I use IPChains...very effective, and there's a Mandrake GUI that can be used as a front end if the user (like me) is command line shy. How do you call the GUI (or: What is the name of the executable file) ? WHy not get pmfirewall? The webpage for pmfirewall is: http://www.pointman.org Okay, it is text-based, but s simple. And nails your box shut for attacks as much as you want. The shields-up section at www.grc.com could not even detect my computer. Paul -- We live like robots. This requires nerves of steel!! )0([[EMAIL PROTECTED]])0( http://nlpagan.net - ICQ 147208 Registered Linux User 174403 -=PINE 4.21+Linux Mandrake 7.1=-
Re: [newbie] Network Firewall Question
On Thu, 3 Aug 2000, Renaud OLGIATI wrote: On Sat, 29 Jul 2000, Steve Weltman wrote: I use IPChains...very effective, and there's a Mandrake GUI that can be used as a front end if the user (like me) is command line shy. How do you call the GUI (or: What is the name of the executable file) ? WHy not get pmfirewall? The webpage for pmfirewall is: http://www.pointman.org Okay, it is text-based, but s simple. And nails your box shut for attacks as much as you want. The shields-up section at www.grc.com could not even detect my computer. Paul -- We live like robots. This requires nerves of steel!! )0([[EMAIL PROTECTED]])0( http://nlpagan.net - ICQ 147208 Registered Linux User 174403 -=PINE 4.21+Linux Mandrake 7.1=-
Re: [newbie] Network Firewall Question
On Sat, 29 Jul 2000, Steve Weltman wrote: I use IPChains...very effective, and there's a Mandrake GUI that can be used as a front end if the user (like me) is command line shy. How do you call the GUI (or: What is the name of the executable file) ? TIA, Ron the Frog, on the banks of the Paraguay River -- Fashion is a form of ugliness so intolerable that we have to alter it every six months. -- Oscar Wilde --- http://personales.conexion.com.py/~rolgiati ---
Re: [newbie] Network Firewall Question
I use IPChains...very effective, and there's a Mandrake GUI that can be used as a front end if the user (like me) is command line shy. Steve Weltman - Original Message - From: "Roderick F.Lazaro" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, July 27, 2000 6:49 PM Subject: Re: [newbie] Network Firewall Question On Mon, 24 Jul 2000, you wrote: Hello all, In the last few days I have seen many postings on the list pertaining to different firewall software that is based on Linux. I am looking to set up my own firewall for my computers at college, and I am wondering which of these programs I have heard about would work better... So far I have heard of Freesco, and Fireplug. Try reading up on IPChains...
Re: [newbie] Network Firewall Question
On Mon, 24 Jul 2000, you wrote: Hello all, In the last few days I have seen many postings on the list pertaining to different firewall software that is based on Linux. I am looking to set up my own firewall for my computers at college, and I am wondering which of these programs I have heard about would work better... So far I have heard of Freesco, and Fireplug. Try reading up on IPChains...
[newbie] Network Firewall Question
Hello all, In the last few days I have seen many postings on the list pertaining to different firewall software that is based on Linux. I am looking to set up my own firewall for my computers at college, and I am wondering which of these programs I have heard about would work better... So far I have heard of Freesco, and Fireplug. I would like to create a firewall (separate computer if that is better) that will protect my windows and Linux boxes ( I have a dual boot desktop and laptop). I would still like to be able to use the Internet fully and play games, as well as Telnet or FTP into the other box from somewhere on campus (with my laptop) if I ever need to. As far as I can tell, my university (Southern Illinois University at Carbondale) has no firewall for the students connected to the network... I know very little about networks and how they work, so even after I have read the manuals on Freesco and Fireplug, I am still very lost as to how to proceed. I would ideally like my computers to not be seen by the outside world :) If anyone knows which program (freesco or fireplug, or another one) would do what I am looking for, I would greatly appreciate the input. Also, some quick info on what my firewall box should have in it would be a plus :) Thanks in advance and sorry for the long posting! - Joe :) -- | Have you petted your penguin today? :) | | Registered Linux user #183248 | -- Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
Re: [newbie] Network Firewall Question
One of the easier-to-use and reliable firewall scripts that I've found is pmfirewall. You can download the latest version free at www.pointman.org It is a very flexible script that loads ipchains rules each time a connection is made to the internet, or the interface is brought up. I supports masquerading for internal hosts and has a lot of internal otptions that allow you to open and close a variety of ports for various servers and services. I use it on my home firewall (RH6.1) without any problems. Since Mandrake is a Red Hat port, you should not have any problems. You may also want to look at portsentry (look to freshmeat.net for the location) which is a port scanner detection utility. Also very versatile, and reliable. This will protect you from stealth scans and other hacks. Third, you may wish to drop the telnet idea, and go with ssh (also, look to freshmeat). It uses a 768bit encryption key and renews that key at every login (or at intervals whichever is longer). There is a utility called PuTTY (also SecureShel) that works on a windows machine to access ssh on a Linux/Unix machine. Far more secure than telnet. As long as you have an IP addres, you machine will be locate-able on the internet. But with a firewall utility, and something such as portsentry you can make the openings (ports) seem to disappear. Portsentry will also update the ipchains rules and lock out any hosts that appear to be dangerous. Entries are made to the hosts.deny file that include host name and IP address. Once that is done your machine almost does disappear--atleast as far as that particular host is concerned. --Greg - Original Message - From: Joe Brault [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, July 23, 2000 12:33 PM Subject: [newbie] Network Firewall Question Hello all, In the last few days I have seen many postings on the list pertaining to different firewall software that is based on Linux. I am looking to set up my own firewall for my computers at college, and I am wondering which of these programs I have heard about would work better... So far I have heard of Freesco, and Fireplug. I would like to create a firewall (separate computer if that is better) that will protect my windows and Linux boxes ( I have a dual boot desktop and laptop). I would still like to be able to use the Internet fully and play games, as well as Telnet or FTP into the other box from somewhere on campus (with my laptop) if I ever need to. As far as I can tell, my university (Southern Illinois University at Carbondale) has no firewall for the students connected to the network... I know very little about networks and how they work, so even after I have read the manuals on Freesco and Fireplug, I am still very lost as to how to proceed. I would ideally like my computers to not be seen by the outside world :) If anyone knows which program (freesco or fireplug, or another one) would do what I am looking for, I would greatly appreciate the input. Also, some quick info on what my firewall box should have in it would be a plus :) Thanks in advance and sorry for the long posting! - Joe :) -- | Have you petted your penguin today? :) | | Registered Linux user #183248 | -- Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com * Want free email? Sign up at http://www.freeze.com !
Re: [newbie] Network Firewall Question
One of the easier-to-use and reliable firewall scripts that I've found is pmfirewall. You can download the latest version free at www.pointman.org It is a very flexible script that loads ipchains rules each time a connection is made to the internet, or the interface is brought up. I supports masquerading for internal hosts and has a lot of internal otptions that allow you to open and close a variety of ports for various servers and services. I use it on my home firewall (RH6.1) without any problems. Since Mandrake is a Red Hat port, you should not have any problems. You may also want to look at portsentry (look to freshmeat.net for the location) which is a port scanner detection utility. Also very versatile, and reliable. This will protect you from stealth scans and other hacks. Third, you may wish to drop the telnet idea, and go with ssh (also, look to freshmeat). It uses a 768bit encryption key and renews that key at every login (or at intervals whichever is longer). There is a utility called PuTTY (also SecureShel) that works on a windows machine to access ssh on a Linux/Unix machine. Far more secure than telnet. As long as you have an IP addres, you machine will be locate-able on the internet. But with a firewall utility, and something such as portsentry you can make the openings (ports) seem to disappear. Portsentry will also update the ipchains rules and lock out any hosts that appear to be dangerous. Entries are made to the hosts.deny file that include host name and IP address. Once that is done your machine almost does disappear--atleast as far as that particular host is concerned. --Greg - Original Message - From: Joe Brault [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, July 23, 2000 12:33 PM Subject: [newbie] Network Firewall Question Hello all, In the last few days I have seen many postings on the list pertaining to different firewall software that is based on Linux. I am looking to set up my own firewall for my computers at college, and I am wondering which of these programs I have heard about would work better... So far I have heard of Freesco, and Fireplug. I would like to create a firewall (separate computer if that is better) that will protect my windows and Linux boxes ( I have a dual boot desktop and laptop). I would still like to be able to use the Internet fully and play games, as well as Telnet or FTP into the other box from somewhere on campus (with my laptop) if I ever need to. As far as I can tell, my university (Southern Illinois University at Carbondale) has no firewall for the students connected to the network... I know very little about networks and how they work, so even after I have read the manuals on Freesco and Fireplug, I am still very lost as to how to proceed. I would ideally like my computers to not be seen by the outside world :) If anyone knows which program (freesco or fireplug, or another one) would do what I am looking for, I would greatly appreciate the input. Also, some quick info on what my firewall box should have in it would be a plus :) Thanks in advance and sorry for the long posting! - Joe :) -- | Have you petted your penguin today? :) | | Registered Linux user #183248 | -- Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com * Want free email? Sign up at http://www.freeze.com ! * Want free email? Sign up at http://www.freeze.com !
Re: [newbie] Network Firewall Question
for straight up firewall I'm pretty damn happy with PMfirewall. http://www.pointman.org/PMFirewall/ check it out! Dacia --- Joe Brault [EMAIL PROTECTED] wrote: Hello all, In the last few days I have seen many postings on the list pertaining to different firewall software that is based on Linux. I am looking to set up my own firewall for my computers at college, and I am wondering which of these programs I have heard about would work better... So far I have heard of Freesco, and Fireplug. I would like to create a firewall (separate computer if that is better) that will protect my windows and Linux boxes ( I have a dual boot desktop and laptop). I would still like to be able to use the Internet fully and play games, as well as Telnet or FTP into the other box from somewhere on campus (with my laptop) if I ever need to. As far as I can tell, my university (Southern Illinois University at Carbondale) has no firewall for the students connected to the network... I know very little about networks and how they work, so even after I have read the manuals on Freesco and Fireplug, I am still very lost as to how to proceed. I would ideally like my computers to not be seen by the outside world :) If anyone knows which program (freesco or fireplug, or another one) would do what I am looking for, I would greatly appreciate the input. Also, some quick info on what my firewall box should have in it would be a plus :) Thanks in advance and sorry for the long posting! - Joe :) -- | Have you petted your penguin today? :) | | Registered Linux user #183248 | -- Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com __ Do You Yahoo!? Get Yahoo! Mail Free email you can access from anywhere! http://mail.yahoo.com/
Re: [newbie] Network Firewall Question
On Sun, 23 Jul 2000, Dacia and AzureRose wrote: for straight up firewall I'm pretty damn happy with PMfirewall. http://www.pointman.org/PMFirewall/ check it out! My vote goes to PMfirewall too. Even if I had to correct the word ten times, seems that I can't write anymore ;) Paul -- Promise, large promise, is the soul of an advertisement. )0([[EMAIL PROTECTED]])0( http://nlpagan.net - ICQ 147208 Registered Linux User 174403
Re: [newbie] Network Firewall Question
Run Portsentry under your IPchains firewall you have a firewall that can detect and block port scans! for straight up firewall I'm pretty damn happy with PMfirewall. http://www.pointman.org/PMFirewall/ check it out! Dacia --- Joe Brault [EMAIL PROTECTED] wrote: Hello all, In the last few days I have seen many postings on the list pertaining to different firewall software that is based on Linux. I am looking to set up my own firewall for my computers at college, and I am wondering which of these programs I have heard about would work better... So far I have heard of Freesco, and Fireplug. I would like to create a firewall (separate computer if that is better) that will protect my windows and Linux boxes ( I have a dual boot desktop and laptop). I would still like to be able to use the Internet fully and play games, as well as Telnet or FTP into the other box from somewhere on campus (with my laptop) if I ever need to. As far as I can tell, my university (Southern Illinois University at Carbondale) has no firewall for the students connected to the network... I know very little about networks and how they work, so even after I have read the manuals on Freesco and Fireplug, I am still very lost as to how to proceed. I would ideally like my computers to not be seen by the outside world :) If anyone knows which program (freesco or fireplug, or another one) would do what I am looking for, I would greatly appreciate the input. Also, some quick info on what my firewall box should have in it would be a plus :) Thanks in advance and sorry for the long posting! - Joe :) -- | Have you petted your penguin today? :) | | Registered Linux user #183248 | -- Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com __ Do You Yahoo!? Get Yahoo! Mail Free email you can access from anywhere! http://mail.yahoo.com/ -- __ [K][D][M]-=-=-=-=-[K][D][M] UIN:82189397 [K][D][M]-ETERNAL-[K][D][M] IM: xKxDxMx [K][D][M]-=-=-=-=-[K][D][M] E-MAIL: [EMAIL PROTECTED] __