[newbie] PPP security (firewalls and such)??
Okay I'm just one guy with one computer and I like to surf and do email. Is there a way to monitor ports, and keep away evildoers? I'm used to Windoze programs like Black Ice, Zone Alarm and such. I would like to log port scans and such sniffer activity hitting my machine while online. I've read Network HOWTO's IPchains, and firewalling info's HOWTO's and man pages. I have no LAN, no separate 486 machine for a firewall. I've #'ed out all my services and disabled my "super server" (inetd) and tried to be as "security conscious" as I know how. There's a KDE program called kfirewall (front end for ipchains) but no docs, and as of this morning no website to get info on how to use it. What am I missing? I've looked into Ksnuffle but that seems a bit extreme for one machine and one very slow (24K) PPP dialup connection. Any help or ideas would be appreciated! Vern
Re: [newbie] PPP security (firewalls and such)??
Better be careful using BlackIce...some mention about snooping and e-mail problems...I got a message this am about this... Don vern wrote: Okay I'm just one guy with one computer and I like to surf and do email. Is there a way to monitor ports, and keep away evildoers? I'm used to Windoze programs like Black Ice, Zone Alarm and such. I would like to log port scans and such sniffer activity hitting my machine while online. I've read Network HOWTO's IPchains, and firewalling info's HOWTO's and man pages. I have no LAN, no separate 486 machine for a firewall. I've #'ed out all my services and disabled my "super server" (inetd) and tried to be as "security conscious" as I know how. There's a KDE program called kfirewall (front end for ipchains) but no docs, and as of this morning no website to get info on how to use it. What am I missing? I've looked into Ksnuffle but that seems a bit extreme for one machine and one very slow (24K) PPP dialup connection. Any help or ideas would be appreciated! Vern
Re: [newbie] PPP security (firewalls and such)??
Can you elaborate on what you've heard? Regards, Nathan Hopper - Original Message - From: "Don Macy" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, April 27, 2000 10:50 AM Subject: Re: [newbie] PPP security (firewalls and such)?? Better be careful using BlackIce...some mention about snooping and e-mail problems...I got a message this am about this... Don vern wrote:
Re: [newbie] PPP security (firewalls and such)??
"It seems there are Trojans in BlackIce. The jury is still out on what exactly is happening but from all appearances, there is a version that sends info to an email address [EMAIL PROTECTED]" I have emailed Network Ice to see if I can get a answer on this topic === You know you've been hacking too long when... ...your digital alarm clock goes off and you think "Bloody Macs!" === - Original Message - From: "Hopper" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, April 27, 2000 1:03 PM Subject: Re: [newbie] PPP security (firewalls and such)?? Can you elaborate on what you've heard? Regards, Nathan Hopper - Original Message - From: "Don Macy" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, April 27, 2000 10:50 AM Subject: Re: [newbie] PPP security (firewalls and such)?? Better be careful using BlackIce...some mention about snooping and e-mail problems...I got a message this am about this... Don vern wrote: _ NetZero - Defenders of the Free World Click here for FREE Internet Access and Email http://www.netzero.net/download/index.html
Re: [newbie] PPP security (firewalls and such)??
This paste came directly from the message I received... Don... It seems there are Trojans in BlackIce. The jury is still out on what exactly is happening but from all appearances, the is a version that sends info to an email address [EMAIL PROTECTED] Hopper wrote: Can you elaborate on what you've heard? Regards, Nathan Hopper - Original Message - From: "Don Macy" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, April 27, 2000 10:50 AM Subject: Re: [newbie] PPP security (firewalls and such)?? Better be careful using BlackIce...some mention about snooping and e-mail problems...I got a message this am about this... Don vern wrote:
Re: [newbie] PPP security (firewalls and such)??
About security. I have heard that an old 486 linux machine can be a great firewall for a business if set up correctly. Here is a site about it http://www.zdnet.com/zdtv/screensavers/answerstips/story/0,3656,2553911,00.h tml Also look around any linux sites searching for security, most sites have a lot about firewalls. Also on IRC a lot of people will direct with what to do. - Original Message - From: Hopper [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, April 27, 2000 1:03 PM Subject: Re: [newbie] PPP security (firewalls and such)?? Can you elaborate on what you've heard? Regards, Nathan Hopper - Original Message - From: "Don Macy" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, April 27, 2000 10:50 AM Subject: Re: [newbie] PPP security (firewalls and such)?? Better be careful using BlackIce...some mention about snooping and e-mail problems...I got a message this am about this... Don vern wrote: _ NetZero - Defenders of the Free World Click here for FREE Internet Access and Email http://www.netzero.net/download/index.html
Re: [newbie] PPP security (firewalls and such)??
OOPS that link got cut off a href="http://www.zdnet.com/zdtv/screensavers/answerstips/story/0,3656,255391 1,00.h tml"Firewall stuff/A i dont think this is gonna show up as a link but i thought id try - Original Message - From: Andy [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, April 27, 2000 3:41 PM Subject: Re: [newbie] PPP security (firewalls and such)?? About security. I have heard that an old 486 linux machine can be a great firewall for a business if set up correctly. Here is a site about it http://www.zdnet.com/zdtv/screensavers/answerstips/story/0,3656,2553911,00.h tml Also look around any linux sites searching for security, most sites have a lot about firewalls. Also on IRC a lot of people will direct with what to do. - Original Message - From: Hopper [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, April 27, 2000 1:03 PM Subject: Re: [newbie] PPP security (firewalls and such)?? Can you elaborate on what you've heard? Regards, Nathan Hopper - Original Message - From: "Don Macy" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, April 27, 2000 10:50 AM Subject: Re: [newbie] PPP security (firewalls and such)?? Better be careful using BlackIce...some mention about snooping and e-mail problems...I got a message this am about this... Don vern wrote: _ NetZero - Defenders of the Free World Click here for FREE Internet Access and Email http://www.netzero.net/download/index.html _ NetZero - Defenders of the Free World Click here for FREE Internet Access and Email http://www.netzero.net/download/index.html
Re: [newbie] PPP security (firewalls and such)??
vern wrote: Okay I'm just one guy with one computer and I like to surf and do email. Is there a way to monitor ports, and keep away evildoers? I'm used to Windoze programs like Black Ice, Zone Alarm and such. I would like to log port scans and such sniffer activity hitting my machine while online. I've read Network HOWTO's IPchains, and firewalling info's HOWTO's and man pages. I have no LAN, no separate 486 machine for a firewall. I've #'ed out all my services and disabled my "super server" (inetd) and tried to be as "security conscious" as I know how. There's a KDE program called kfirewall (front end for ipchains) but no docs, and as of this morning no website to get info on how to use it. What am I missing? I've looked into Ksnuffle but that seems a bit extreme for one machine and one very slow (24K) PPP dialup connection. Any help or ideas would be appreciated! Vern The absolute best packet logger I've been able to come across is something called iplog. By default it logs every connection coming into or out of your machine. You can configure it to ignore some connections through it's configuration file. We currently use it on the DMZ machine at work to monitor connections both legitimate and illegitimate. iplog can be found on Freshmeat (http://freshmeat.net) -- Steve Philp, MCSE/MCP+I Network Administrator Advance Packaging Corporation [EMAIL PROTECTED]