[newbie] PMFirewall?

2001-08-01 Thread Errant

Hi all =)

Is there a way to use PMFirewall on an LM8 server? If not, is there 
something similar that I should be using for firewall software?

Thanx a bunch,

E




RE: [newbie] PMFirewall?

2001-08-01 Thread Franki

PMfirewall is being reworked to use iptables, it is in alpha state I
believe, shouldn't be too much longer...

I use pmfirewall and ipchains as the basis for all my rules, although my
rules file is about 8 times longer than that which pmfirewall install
script creates, I have found it to be a very good platform from which to
implement rules on..

If I swapped to iptables tomorrow, I'd probably trick pmfirewall into
installing and rewrite all its rules to suit iptables...

the rest of it is fine, so it shouldn't be long until it is converted to
iptables..



rgds

Frank

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Errant
Sent: Thursday, 2 August 2001 2:15 AM
To: [EMAIL PROTECTED]
Subject: [newbie] PMFirewall?


Hi all =)

Is there a way to use PMFirewall on an LM8 server? If not, is there
something similar that I should be using for firewall software?

Thanx a bunch,

E





Re: [newbie] PMFirewall?

2001-08-01 Thread s

You might have to redo the kernel and compile in support for ipchains to use 
pmfirewall.  There are similar things out for iptables, but there is an 
easily configurable firewall/ipforwarding in 8.0 that uses iptables.  In the 
Mandrake control center, there is internet connections sharing and firewall 
configurations.
-s


On Wednesday 01 August 2001 01:14 pm, you wrote:
 Hi all =)

 Is there a way to use PMFirewall on an LM8 server? If not, is there
 something similar that I should be using for firewall software?

 Thanx a bunch,

 E





Re: [newbie] PMFirewall?

2001-08-01 Thread Dennis Myers

On Wednesday 01 August 2001 22:15, you wrote:
 Forget PMFirewall. It doesn't fully support iptables yet. There is much
 more to security than just a firewall, and Bastille can configure a
 firewall and so much more.

 On Thu, 2 Aug 2001 04:14, Errant wrote:
  Hi all =)
 
  Is there a way to use PMFirewall on an LM8 server? If not, is there
  something similar that I should be using for firewall software?
 
  Thanx a bunch,
 
  E

Here's a question that I think I know the answer to but need confirmation 
on. Does port 53 'DNS' need to be open in Bastille for Samba to run 
smoothly on an internal LAN?  No outside telneting or other connections 
being made to the samba server.  TIA for all info provided.

-- 
Dennis M. registered linux user # 180842




[newbie] PMFirewall

2001-05-06 Thread Michael B. Harris


  I downloaded and installed PMfirewall on my Linux 7.2 system.

  The Software does become active during the boot process, but I
am unable to access the GUI for the program.  I can not seem to locate it.

   Any suggestions would be appreciated.


Michael B. Harris
Registered Linux User





Re: [newbie] PMFirewall

2001-05-06 Thread s

there ain't one.
-s

On Sunday 06 May 2001 05:19 pm, you wrote:
   I downloaded and installed PMfirewall on my Linux 7.2 system.

   The Software does become active during the boot process, but I
 am unable to access the GUI for the program.  I can not seem to locate it.

Any suggestions would be appreciated.


 Michael B. Harris
 Registered Linux User




[newbie] PMFirewall Rules?

2001-05-05 Thread Jon Doe

What were the commands to add to PMFirewall to block specific ports?




[newbie] pmfirewall using ipchains ?

2001-04-27 Thread s

Hi all,
I am using pmfirewall for a firewall, masq, and forwarding.  I know it uses 
ipchains.  Now my question is:

If I setup chose portsentry's kill_route to be /sbin/ipchains, will 
pmfirewall implement it?  Or do I need to edit the config file to point to 
/usr/local/pmfirewall/pmfirewall?  Will that even work?  pmfirewall does not 
start up ipchains, does it?  When I check in services it is never running.  
Does pmfirewall use the ipchain rules as a reference?   

Anybody even have portsentry going with pmfirewall?  Possible?

-s




Re: [newbie] PMFirewall and IPchains

2001-03-18 Thread Dan LaBine

Peter; The questions you answered from my previous post were meant as
rhetorical ones, but well done. I wasn't expecting answers! However, I'm
still hoping that Linux will become considerably more popular to the masses,
and I see easy-to-use-and-install packages as one of the ways that the
appeal of Linux can be greatly enhanced. Thanks for your comments.

Dan LaBine
Registered Linux User #190712

- Original Message -
From: "Peter Smith" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, March 17, 2001 7:19 PM
Subject: Re: [newbie] PMFirewall and IPchains


 --- Dan LaBine [EMAIL PROTECTED] wrote:
 snip!
  Why are many Linux-based programs so complicated to
  set up?? Here we are,
 snip!

 I'm no expert but I've got a few theories for you.

 Theory 1:
 Hacking code is fun. Writing a polished interface
 isn't so much fun. Since most of what you use under
 Linux has been written by volunteers who're writing
 code for the love of writing code, you get software
 that is robust and powerful but lacks polish and/or
 good documentation (until someone else comes along and
 writes the latter).

 Theory 2:
 It's danged hard to write an 'easy-to-use' interface
 that doesn't limit access to the software in some way.
 One of my primary reasons for trying to wean myself
 off of Windows is that every version that comes out
 puts more barriers between me and the machine. More
 and more, M$ 'guesses' at what I really want to do,
 and does it. If it guesses wrong, I have to recourse.
 I'll project my annoyance with this onto the Linux
 community in general (who, from what I've seen, really
 enjoy having full control of the OS) and guess that
 the people who write this software are loathe to do
 anything that might limit what you can do with it in
 any way.

 Now, a comment... things surely are getting better.
 I'm in my 3rd or 4th attempt at becoming a full time
 Linux user. The first time I tried was with RedHat 5,
 iirc, and it was a huge challenge to get that
 installed. Compare that installation to the one in
 Mandrake 7.2 and there's an amazing improvement in
 ease-of-use.

 If/when Linux starts to make real in-roads into the
 desktop space, there'll be commercial incentive to pay
 people to craft nice interfaces to existing
 utilities... until then we'll have to make do, or
 develop the coding skills needed to create nice
 interfaces and build 'wrappers' for powerful but
 unwieldy utilities...

 All the above is just my opinion, of course, and be
 aware that I am NOT a hard-core linux geek (yet). I'm
 trying to get there, though... every time I boot
 Windows these days, I feel a sense of defeat... I'll
 get there!

 =
 ~~~
 Peter Smith, Cambridge, MA, USA
 Various bookmarks = http://people.ne.mediaone.net/jaded
 Chat about games, movies and tv = http://jadedspub.com
 ~~~
 "They were playing Wagner. It's the most fun I've had in about six
months" -Tyr Anasazi

 __
 Do You Yahoo!?
 Get email at your own domain with Yahoo! Mail.
 http://personal.mail.yahoo.com/






Re: [newbie] PMFirewall and IPchains

2001-03-18 Thread Dan LaBine

To all!

As a followup to my previous post to the mandrake group, I did some
snooping around, and found something VERY interesting! Check out this
web-site for something you might find useful -  http:/www.securepoint.cc  .
They have a complete firewall kit which includes Linux and Windows
Administration Clients, as well as their own version of Linux with its own
firewall system included. Download all the english files for the FREEWARE
edition ( Man! I just love that term! ). The large file includes a CD image
in ".c2d" format, so a CD burner is required, and get the separate client
and manual files. This firewall system is designed to be used on a separate
firewall PC (Check the manual for minimum requirements). This one looks
really good. I'll be setting it up in the next few days myself. Hope this
helps everyone!

Dan LaBine
Registered Linux User #190712






Re: [newbie] PMFirewall and IPchains

2001-03-18 Thread Mark Weaver

Peter,

Sounds like a very well informed opinion formed by someone who has done
their homework and put in the time.

Mark

Peter Smith wrote:
 
 --- Dan LaBine [EMAIL PROTECTED] wrote:
 snip!
  Why are many Linux-based programs so complicated to
  set up?? Here we are,
 snip!
 
 I'm no expert but I've got a few theories for you.
 
 Theory 1:
 Hacking code is fun. Writing a polished interface
 isn't so much fun. Since most of what you use under
 Linux has been written by volunteers who're writing
 code for the love of writing code, you get software
 that is robust and powerful but lacks polish and/or
 good documentation (until someone else comes along and
 writes the latter).
 
 Theory 2:
 It's danged hard to write an 'easy-to-use' interface
 that doesn't limit access to the software in some way.
 One of my primary reasons for trying to wean myself
 off of Windows is that every version that comes out
 puts more barriers between me and the machine. More
 and more, M$ 'guesses' at what I really want to do,
 and does it. If it guesses wrong, I have to recourse.
 I'll project my annoyance with this onto the Linux
 community in general (who, from what I've seen, really
 enjoy having full control of the OS) and guess that
 the people who write this software are loathe to do
 anything that might limit what you can do with it in
 any way.
 
 Now, a comment... things surely are getting better.
 I'm in my 3rd or 4th attempt at becoming a full time
 Linux user. The first time I tried was with RedHat 5,
 iirc, and it was a huge challenge to get that
 installed. Compare that installation to the one in
 Mandrake 7.2 and there's an amazing improvement in
 ease-of-use.
 
 If/when Linux starts to make real in-roads into the
 desktop space, there'll be commercial incentive to pay
 people to craft nice interfaces to existing
 utilities... until then we'll have to make do, or
 develop the coding skills needed to create nice
 interfaces and build 'wrappers' for powerful but
 unwieldy utilities...
 
 All the above is just my opinion, of course, and be
 aware that I am NOT a hard-core linux geek (yet). I'm
 trying to get there, though... every time I boot
 Windows these days, I feel a sense of defeat... I'll
 get there!
 
 =
 ~~~
 Peter Smith, Cambridge, MA, USA
 Various bookmarks = http://people.ne.mediaone.net/jaded
 Chat about games, movies and tv = http://jadedspub.com
 ~~~
 "They were playing Wagner. It's the most fun I've had in about six months" -Tyr 
Anasazi
 




Re: [newbie] pmfirewall?

2001-03-17 Thread Dan LaBine

Yeah, Chuck it does. Log in as root, open a terminal, and type the following
exactly (Without the quotes).

"ipchains -P forward DENY"

That oughtta do! Remember, each time you start your PC, you'll have to do
it, until someone sends you the instructions on how to automate it. Since I
usually run it on Servers, and I almost never have to shut them down, I
don't have to do it often. That's why I never learned how to automate it on
startup. If you ever add a second PC, you'll need to add a line or 2, and
ipchains will provide connection services for the second PC. Enjoy.


Dan LaBine
Registered Linux User #190712

- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, March 16, 2001 3:01 PM
Subject: Re: [newbie] pmfirewall?


 Hello All,

 Thanks for all of the information.  In response to your question Dan, I'm
using the internet on one PC.  I have a cable modem.  Running static, not
DHCP.  Just got it working.  Does this answer your questions?  Let me know.

 Thanks for your help!

 Chuck

 --
 Get the Latest News at CNN Interactive: http://CNN.com






[newbie] PMFirewall and IPchains

2001-03-17 Thread Dan LaBine



Mark; Thank-you for not overstating the obvious! However, as I had mentioned
in my initial post, it was my opinion, not the opinion of all users of
PMFirewall. That having been repeated now, I'd like to point out that
ipchains takes only 3 lines of text ( at least for the networks that I
maintain ), to protect the average network (I know, I know, here comes the
flames again! ), whereas there are several configurations to be done with
PMfirewall.

My opinions are, of course, based on my experiences, and as such I have no
compunctions about "sticking to my guns". I should point out that until
about 4 weeks ago, I thought PMfirewall was the "best-built mousetrap", when
it comes to firewall programs, and that I rarely used ipchains directly.
However, after our LUG ( Linux Users Group ) ran some tests on several
networks, we found quite a few ports open on what was supposed to be secure
systems, and that in each case, PMfirewall was the culprit! As outraged as
the proponents of PMfirewall may be to hear this, it is the truth.

I went through all the inetd files/folders to find the services which were
causing the problems, and one of the guilty parties was PMfirewall. After
uninstalling it, and running a manual configuration of ipchains, ALL the
previously open/filtered ports were not just in "Stealth" mode, but totally
closed down, as in undetectable by port scanners, period. I have no doubt
that others may find PMfirewall to run better than I did, but if in fact it
needs additional configuration after the initial install and configuration,
why doesn't it say so?

The initial install/setup/config walks the user thru each item step-by-step,
and offers to close specific ports, and any other ports you desire. Is it
safe to assume therefore that if I chose to close ALL ports, that they would
be closed, or not? One thing you may or may not know Mark, is that
PMfirewall closes some ports, but "Filters" other ports. That means that a
good hacker can find his way thru them suckers and still cause some damage.
I don't know about you, but I'm not prepared to take that chance. At least
not with my clients' networks. I can't afford to. And I'm not the only one.
The guys in my LUG handle network security and administration for large
companies, and they aren't prepared to take chances either!

If PMfirewall is only going to "Filter" ports ( ie: Ports # 139, 443, 631,
etc,..) It's not good enough. The fact that it doesn't tell you this during
the configuration, is also misleading. And you're right Mark,...It's not a
Windows Program, It's a Linux/Unix program. By default, it should therefore
be a MUCH BETTER program !!! I'm a rock-solid believer in this stuff
(fanatical, you might say!). I'm promoting Linux every which-way that I can.
But for the new user, depending on PMfirewall to protect their PC or network
would seem to be foolhardy at best. It shouldn't filter ports, it should
take them out of existence! Since, as you mentioned, PMfirewall uses
ipchains, doesn't it make more sense to "Go to the Source" and just use
ipchains?? Anyway, enough said. A word of advice though,...never offer an
opinion to this group when you're trying to quit smoking! I should've known
better!

Dan LaBine
Registered Linux User #190712


Re: [newbie] pmfirewall?

2001-03-17 Thread Mark Weaver

Dan LaBine wrote:
 
 Yeah, Chuck it does. Log in as root, open a terminal, and type the following
 exactly (Without the quotes).
 
 "ipchains -P forward DENY"
 
 That oughtta do! Remember, each time you start your PC, you'll have to do
 it, until someone sends you the instructions on how to automate it. Since I

Just add that to the rules file that is read each time the firewall is
started. that should take care of it. the man pages for ipchains and
rules are quite good for this not to mention a few minutes of examining
the rules themselves will give you enough to construct custom rules to
suit your needs.

Mark




Re: [newbie] PMFirewall and IPchains

2001-03-17 Thread Mark Weaver

Dan...In some ways we're saying similar things, except as to the point
of "what" Pmfirewall is. And it is definitely "not" a firewall, rather
it is merely a means to get the ipchains firewall rule-set configured to
a point to where it's functional. Notice I didn't say ready for prime
time, but functional. Enough for the user then to open the rules file
and begin to tweak and fine tune the rule-set so that it becomes what
you mentioned having setup after uninstalling PM. Were it not for PM I
would have had to spend a lot more time reading the Ipchains docs and
scratching my head to get my firewall running.

Since then I've made "many" additions and modifications to the rule-set
that is "more" the firewall itself than anything else. What I've said
and have maintained all along is that PM is nothing more than a front
end, (of sorts...albeit a console front end and not a GUI) configuration
utility for IPchains. And a darn good one for newbies to cut their teeth
on and get exposed to the use of Ipchains.

And, God's blessings to you on your endeavor to quit smoking. I know
what you're going through having been there myself 7 years ago. Your
opinions were stated just fine. I should have added that my comments
were given "tongue-in-cheek."

Mark

 
 If PMfirewall is only going to "Filter" ports ( ie: Ports # 139,
 443, 631, etc,..) It's
 not good enough. The fact that it doesn't tell you this during the
 configuration, is also
 misleading.  And you're right Mark,...It's not a Windows Program, It's
 a Linux/Unix
 program. By default, it should therefore be a MUCH BETTER program !!!




Re: [newbie] PMFirewall and IPchains

2001-03-17 Thread Tom Brinkman

   Getting back to PMfirewall leaving some ports open:   I've got a 
complete mental block when it comes to comprehending the ipchains rules. 
I'm at even more of a total loss with the new iptables in 2.4.x kernels.
I have found that I can completely secure my box, all ports, using a 
combination of PMfirewall (all default answers) to write the ipchains rules 
for me, and then also starting portsentry (simple instructions for 
portsentry setup are in its docs).  Then going to:
http://www.sdesign.com/cgi-bin/fwtest.cgi?APPLY=Scan+Me+Now
  and doing the basic scan.  Besides their report, I can then read root's 
mail (I have kmail set up for this) and the 'attack alert' goes on for 
ever. Skimming thru it, SecureDesign's scanner is rejected for every port !
Almost daily while reading root's mail I see a few (prob'ly benign) 
attempts to scan or connect to me, all similarly rejected.
-- 
Dale Earnhardt,  the greatest stock car driver ever, 
 he's won his 8th and  His Greatest Championship
  Tom Brinkman   [EMAIL PROTECTED]   Galveston Bay

On Saturday 17 March 2001 08:44 am, Mark Weaver wrote:
 Dan...In some ways we're saying similar things, except as to the point
 of "what" Pmfirewall is. And it is definitely "not" a firewall, rather
 it is merely a means to get the ipchains firewall rule-set configured to
 a point to where it's functional. Notice I didn't say ready for prime
 time, but functional. Enough for the user then to open the rules file
 and begin to tweak and fine tune the rule-set so that it becomes what
 you mentioned having setup after uninstalling PM. Were it not for PM I
 would have had to spend a lot more time reading the Ipchains docs and
 scratching my head to get my firewall running.

 Since then I've made "many" additions and modifications to the rule-set
 that is "more" the firewall itself than anything else. What I've said
 and have maintained all along is that PM is nothing more than a front
 end, (of sorts...albeit a console front end and not a GUI) configuration
 utility for IPchains. And a darn good one for newbies to cut their teeth
 on and get exposed to the use of Ipchains.

 And, God's blessings to you on your endeavor to quit smoking. I know
 what you're going through having been there myself 7 years ago. Your
 opinions were stated just fine. I should have added that my comments
 were given "tongue-in-cheek."

 Mark

  If PMfirewall is only going to "Filter" ports ( ie: Ports # 139,
  443, 631, etc,..) It's
  not good enough. The fact that it doesn't tell you this during the
  configuration, is also
  misleading.  And you're right Mark,...It's not a Windows Program, It's
  a Linux/Unix
  program. By default, it should therefore be a MUCH BETTER program !!!





Re: [newbie] PMFirewall and IPchains

2001-03-17 Thread Mark Weaver

Tom,

That's how I've got my system running and I've found the combination to be
a very good one. As for wrapping your brain around the IPchains rules
and such. I can appreciate how you're feeling having been there myself.
It took a little while of looking at the man pages and then reading and
re-reading the HOWTO for IPchains about 6 times, and even after all that
I didn't really start to catch on until after I installed PMfirewall. I
started studying the actual rule-set and seeing how they're constructed
and things gradually began to dawn on me about what they're doing. Also
how to manipulate them to get them to do what I want them to do.

Mark

Tom Brinkman wrote:
 
Getting back to PMfirewall leaving some ports open:   I've got a
 complete mental block when it comes to comprehending the ipchains rules.
 I'm at even more of a total loss with the new iptables in 2.4.x kernels.
 I have found that I can completely secure my box, all ports, using a
 combination of PMfirewall (all default answers) to write the ipchains rules
 for me, and then also starting portsentry (simple instructions for
 portsentry setup are in its docs).  Then going to:
 http://www.sdesign.com/cgi-bin/fwtest.cgi?APPLY=Scan+Me+Now
   and doing the basic scan.  Besides their report, I can then read root's
 mail (I have kmail set up for this) and the 'attack alert' goes on for
 ever. Skimming thru it, SecureDesign's scanner is rejected for every port !
 Almost daily while reading root's mail I see a few (prob'ly benign)
 attempts to scan or connect to me, all similarly rejected.
 --
 Dale Earnhardt,  the greatest stock car driver ever,
  he's won his 8th and  His Greatest Championship
   Tom Brinkman   [EMAIL PROTECTED]   Galveston Bay
 
 On Saturday 17 March 2001 08:44 am, Mark Weaver wrote:
  Dan...In some ways we're saying similar things, except as to the point
  of "what" Pmfirewall is. And it is definitely "not" a firewall, rather
  it is merely a means to get the ipchains firewall rule-set configured to
  a point to where it's functional. Notice I didn't say ready for prime
  time, but functional. Enough for the user then to open the rules file
  and begin to tweak and fine tune the rule-set so that it becomes what
  you mentioned having setup after uninstalling PM. Were it not for PM I
  would have had to spend a lot more time reading the Ipchains docs and
  scratching my head to get my firewall running.
 
  Since then I've made "many" additions and modifications to the rule-set
  that is "more" the firewall itself than anything else. What I've said
  and have maintained all along is that PM is nothing more than a front
  end, (of sorts...albeit a console front end and not a GUI) configuration
  utility for IPchains. And a darn good one for newbies to cut their teeth
  on and get exposed to the use of Ipchains.
 
  And, God's blessings to you on your endeavor to quit smoking. I know
  what you're going through having been there myself 7 years ago. Your
  opinions were stated just fine. I should have added that my comments
  were given "tongue-in-cheek."
 
  Mark
 
   If PMfirewall is only going to "Filter" ports ( ie: Ports # 139,
   443, 631, etc,..) It's
   not good enough. The fact that it doesn't tell you this during the
   configuration, is also
   misleading.  And you're right Mark,...It's not a Windows Program, It's
   a Linux/Unix
   program. By default, it should therefore be a MUCH BETTER program !!!




RE: [newbie] PMFirewall and IPchains

2001-03-17 Thread Franki

I just got pmfirewall working in my unusual circumstances.. ie hosting
multiple domains, (virtual IP's for ppp0)
and before the firewall would only work on the static IP of the dialup, not
the actual domain names..

it now works exactly as I wanted, and I have added a lot to the ruleset as
well..

ie, apart from working on all the domains, I also watch the portsentry
emails, (which are directed to my home account)
and when I see a port being scanned, if I am not using it, I add it to the
rules...

so all the commonly scanned ports get denied or rejected by default.

I am starting to feel better about my security level. (still paranoid
though.)

I think one of the best things you can do, is to make sure you are not using
any unencrypted ports over the net.

ie no pop3, no FTP no telnet, or any others, if you ain't using it, turn it
off, and most of all, keep updated.


just my thoughts, if anyone wants to know how I got pmfirewall working with
virtual IP's or domains...  drop me a line...

regards

Frank Hauptle
/ /  _
---/ /  (_)__  __   __
--/ /__/ / _ \/ // /\ \/ /
-//_/_//_/\_,_/ /_/\_\
Gshop  Network Payment Solutions.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Tom Brinkman
Sent: Saturday, 17 March 2001 11:29 PM
To: [EMAIL PROTECTED]
Subject: Re: [newbie] PMFirewall and IPchains


   Getting back to PMfirewall leaving some ports open:   I've got a
complete mental block when it comes to comprehending the ipchains rules.
I'm at even more of a total loss with the new iptables in 2.4.x kernels.
I have found that I can completely secure my box, all ports, using a
combination of PMfirewall (all default answers) to write the ipchains rules
for me, and then also starting portsentry (simple instructions for
portsentry setup are in its docs).  Then going to:
http://www.sdesign.com/cgi-bin/fwtest.cgi?APPLY=Scan+Me+Now
  and doing the basic scan.  Besides their report, I can then read root's
mail (I have kmail set up for this) and the 'attack alert' goes on for
ever. Skimming thru it, SecureDesign's scanner is rejected for every port !
Almost daily while reading root's mail I see a few (prob'ly benign)
attempts to scan or connect to me, all similarly rejected.
--
Dale Earnhardt,  the greatest stock car driver ever,
 he's won his 8th and  His Greatest Championship
  Tom Brinkman   [EMAIL PROTECTED]   Galveston Bay

On Saturday 17 March 2001 08:44 am, Mark Weaver wrote:
 Dan...In some ways we're saying similar things, except as to the point
 of "what" Pmfirewall is. And it is definitely "not" a firewall, rather
 it is merely a means to get the ipchains firewall rule-set configured to
 a point to where it's functional. Notice I didn't say ready for prime
 time, but functional. Enough for the user then to open the rules file
 and begin to tweak and fine tune the rule-set so that it becomes what
 you mentioned having setup after uninstalling PM. Were it not for PM I
 would have had to spend a lot more time reading the Ipchains docs and
 scratching my head to get my firewall running.

 Since then I've made "many" additions and modifications to the rule-set
 that is "more" the firewall itself than anything else. What I've said
 and have maintained all along is that PM is nothing more than a front
 end, (of sorts...albeit a console front end and not a GUI) configuration
 utility for IPchains. And a darn good one for newbies to cut their teeth
 on and get exposed to the use of Ipchains.

 And, God's blessings to you on your endeavor to quit smoking. I know
 what you're going through having been there myself 7 years ago. Your
 opinions were stated just fine. I should have added that my comments
 were given "tongue-in-cheek."

 Mark

  If PMfirewall is only going to "Filter" ports ( ie: Ports # 139,
  443, 631, etc,..) It's
  not good enough. The fact that it doesn't tell you this during the
  configuration, is also
  misleading.  And you're right Mark,...It's not a Windows Program, It's
  a Linux/Unix
  program. By default, it should therefore be a MUCH BETTER program !!!






Re: [newbie] PMFirewall and IPchains

2001-03-17 Thread Dan LaBine

Mark, Tom, and anyone else who can shed a little light on the subject;

Mark, Thanks for your response. And your support. I was about to "Light one
Up" when I received your email. I owe you one. And now for a question that's
probably going to open a "Can Of Worms". I will start by apologising up
front for any offense loyal/fanatical Linux users may infer from this. I
apologise. There, that's done! Now, for the question.

Why are many Linux-based programs so complicated to set up?? Here we are,
getting involved in a conversation about a type of program which should be
relatively simple to install/setup/configure, and I'm sure that this won't
be the last time someone has a problem with IPchains/PMfirewall, or some
other package. I'm just curious though, why is it a real pain? You gents are
talking about using 2 or more techniques to accomplish something that should
be relatively easy. What's the big point that I'm not seeing? What I mean is
that although Linux is in a constant state of development, some of the
technologies are relatively constant. TCP/IP has been around for quite some
time, and is probably considered a "Standard" protocol these days, and I
would think that the rules governing it and ways to block/close ports would
also be pretty consistent. So why then does it take so much to tackle a
setup that should be a piece of cake? I realise that I may be understating
the issue, but what ever happened to a nice simple procedure? What ports do
you want to leave open? What ports do you want to close? Enable masquerading
? Yes/No? etc,etc. Run these rules each time you start this PC? Okey Dokey,
We're done! Have a nice day!! You know, Simple.

Personally, I'm glad I've broken away from most M$ products, and all the
various apps that used to cost Way Too Much. But many of them did perform
background tasks without having to be "Tweaked" ( assuming you're not
including all the various updates/patches/bug fixes/service packs! ). But as
a comparison, I used to use firewall/proxy apps that did exactly what they
said. Install and configure them and you're done. In a GUI no less. Mark, why
should you have to read the ipchains HOW-TO 6 times??!!

Tom, why should you have to use PMfirewall AND PortSentry? Why does
PMfirewall ask the setup questions that it asks, and then leaves ports open
or just filtered, instead of totally closed? See what I mean? I'm a firm
believer in Linux and all it has to offer, but I'm wondering why it has to
be so darn tricky? I've tried using some of the frontends for ipchains, and
same thing. Not clear about what they're doing or confusing to use. One of
the things that I am very happy with is the System Administration Wizard in
LM 7.2 Corp Server, and don't get me started on the merits of Webmin! That's
a marvelous example of how to make a setup easy! There's quite a few others
out there, I'm sure. Since Linux is arguably much better than other O/Ses
out there and the Linux community does a fabulous job of bringing us great
packages, office suites, etc.,why do some of these things have to be enough
to warrant a trip to the shrink?? ( Insert deepest apology to psychiatrists
reading this! ). I'm under the impression that there's a conspiracy going
on! Someone is deliberately trying to make us think! I hate it when that
happens! I have a tough enough time paying my bills on time, so why make
these things harder to install and setup than they need to be?

OK, I'm done. Just wanted to vent, and maybe to get the creative juices
flowing! I don't know about you guys, but I'd pay good money for someone to
write up a quick and nasty Wizard/GUI for ipchains that would walk you
through the setup, step-by-step, and write the results to the ipchains
configuration file. Mom wanted me to be a "Rocket Scientist", but no, no,
no! I had to become a brain surgeon! Serves me right!

Dan LaBine
Registered Linux User #190712






Re: [newbie] PMFirewall and IPchains

2001-03-17 Thread Paul R

Ok, so what are some good ways to convert PMFirewall rules to IPChains?
I'm running IPChains now, with the rules set up by PMFirewall (added
a rule to close port 1024 which PMFirewall left open).  But how do I
make it close (as opposed to filter) ports?  Also, any specific
unnecessary ports PMF leaves open that I should close with IPChains?

-Paul R

Tom Brinkman wrote:

Getting back to PMfirewall leaving some ports open:   I've got a 
 complete mental block when it comes to comprehending the ipchains rules. 
 I'm at even more of a total loss with the new iptables in 2.4.x kernels.
 I have found that I can completely secure my box, all ports, using a 
 combination of PMfirewall (all default answers) to write the ipchains rules 
 for me, and then also starting portsentry (simple instructions for 
 portsentry setup are in its docs).  Then going to:
 http://www.sdesign.com/cgi-bin/fwtest.cgi?APPLY=Scan+Me+Now
   and doing the basic scan.  Besides their report, I can then read root's 
 mail (I have kmail set up for this) and the 'attack alert' goes on for 
 ever. Skimming thru it, SecureDesign's scanner is rejected for every port !
 Almost daily while reading root's mail I see a few (prob'ly benign) 
 attempts to scan or connect to me, all similarly rejected.







Re: [newbie] PMFirewall and IPchains

2001-03-17 Thread Tom Brinkman

On Saturday 17 March 2001 05:49 pm, Paul R wrote:
 Ok, so what are some good ways to convert PMFirewall rules to IPChains?

 PMfirewall is nothing more than a script you run, answer some 
straightforward questions, and then it writes ipchains rules according to 
the answers you give.  ...or maybe I don't understand your question?

   I'm running IPChains now, with the rules set up by PMFirewall (added
 a rule to close port 1024 which PMFirewall left open).  But how do I
 make it close (as opposed to filter) ports?  Also, any specific
 unnecessary ports PMF leaves open that I should close with IPChains?

  I believe this is what portsentry does.  Type 'whereis portsentry' in 
a terminal, to see if it's already installed. Many Mandrake installs 
include it.  'locate portsentry' will show you where the docs are.
-- 
Dale Earnhardt,  the greatest stock car driver ever, 
 he's won his 8th and  His Greatest Championship
  Tom Brinkman   [EMAIL PROTECTED]   Galveston Bay

 Tom Brinkman wrote:
 Getting back to PMfirewall leaving some ports open:   I've got a
  complete mental block when it comes to comprehending the ipchains
  rules. I'm at even more of a total loss with the new iptables in 2.4.x
  kernels. I have found that I can completely secure my box, all ports,
  using a combination of PMfirewall (all default answers) to write the
  ipchains rules for me, and then also starting portsentry (simple
  instructions for portsentry setup are in its docs).  Then going to:
  http://www.sdesign.com/cgi-bin/fwtest.cgi?APPLY=Scan+Me+Now
and doing the basic scan.  Besides their report, I can then read
  root's mail (I have kmail set up for this) and the 'attack alert' goes
  on for ever. Skimming thru it, SecureDesign's scanner is rejected for
  every port ! Almost daily while reading root's mail I see a few
  (prob'ly benign) attempts to scan or connect to me, all similarly
  rejected.





Re: [newbie] PMFirewall and IPchains

2001-03-17 Thread Peter Smith

--- Dan LaBine [EMAIL PROTECTED] wrote:
snip!
 Why are many Linux-based programs so complicated to
 set up?? Here we are,
snip!

I'm no expert but I've got a few theories for you.

Theory 1:
Hacking code is fun. Writing a polished interface
isn't so much fun. Since most of what you use under
Linux has been written by volunteers who're writing
code for the love of writing code, you get software
that is robust and powerful but lacks polish and/or
good documentation (until someone else comes along and
writes the latter).

Theory 2:
It's danged hard to write an 'easy-to-use' interface
that doesn't limit access to the software in some way.
One of my primary reasons for trying to wean myself
off of Windows is that every version that comes out
puts more barriers between me and the machine. More
and more, M$ 'guesses' at what I really want to do,
and does it. If it guesses wrong, I have no recourse.
I'll project my annoyance with this onto the Linux
community in general (who, from what I've seen, really
enjoy having full control of the OS) and guess that
the people who write this software are loath to do
anything that might limit what you can do with it in
any way.

Now, a comment... things surely are getting better.
I'm in my 3rd or 4th attempt at becoming a full time
Linux user. The first time I tried was with RedHat 5,
iirc, and it was a huge challenge to get that
installed. Compare that installation to the one in
Mandrake 7.2 and there's an amazing improvement in
ease-of-use. 

If/when Linux starts to make real in-roads into the
desktop space, there'll be commercial incentive to pay
people to craft nice interfaces to existing
utilities... until then we'll have to make do, or
develop the coding skills needed to create nice
interfaces and build 'wrappers' for powerful but
unwieldy utilities...

All the above is just my opinion, of course, and be
aware that I am NOT a hard-core linux geek (yet). I'm
trying to get there, though... every time I boot
Windows these days, I feel a sense of defeat... I'll
get there!

=
~~~
Peter Smith, Cambridge, MA, USA
Various bookmarks = http://people.ne.mediaone.net/jaded
Chat about games, movies and tv = http://jadedspub.com
~~~
"They were playing Wagner. It's the most fun I've had in about six months" -Tyr Anasazi





Re: [newbie] pmfirewall?

2001-03-16 Thread Mark Weaver

Dan LaBine wrote:
 
 [EMAIL PROTECTED] wrote:
 
  Hi,
 
  I've just downloaded pmfirewall.  I have some pretty bad questions as I am a 
complete newbie.  I want to get this up and running so that I can feel safe about 
getting on the net.  My question is, after I unzip it where should I point the file 
when I untar it as root?
 
  ie tar -xvf "---"
 
  When I run the install shell it's saying that it isn't finding the directory or 
something.
 
  And, does anyone have any general suggestions about out of box security for a 
complete newbie?  I know absolutely nothing about IP chains.
 
  Thanks,
 
  Chuck
 
 
 Chuck; You may not want to keep Pmfirewall (flamers please input
 arrogant denigrating reply/opinion here). For what it's worth, and IMHO,

Sorry Dan...I don't have enough time this morning to flame this message
properly as it deserves, but suffice it to say that PMfirewall is ONLY a
configuration device to setup the RULES to utilize IPchains. Once the
basics are done you MAY have to edit the RULES in order to make sure
that the ports that are left open are closed properly. There is SOME
human intervention necessary. It's Not a windows program, ya know?  ;-)

Mark

 I've been using PMfirewall, and found that it leaves some ports open!
 You're better off with IPchains. IPchains should already be installed in
 your system. Please send back more info about your network ie; how many
 PC's what IP's you're using, etc. Depending on your set up, you'll need
 up to 3 lines of text to activate it and I'm sure someone will respond
 with instructions on how to automate the startup procedure for it.
 
 --
 Dan LaBine
 Maximum L.A.N.'s Ltd.
 Registered Linux User #190712




Re: [newbie] pmfirewall?

2001-03-16 Thread chuck_495

Hello All, 

Thanks for all of the information.  In response to your question Dan, I'm using the 
internet on one PC.  I have a cable modem.  Running static, not DHCP.  Just got it 
working.  Does this answer your questions?  Let me know.

Thanks for your help!

Chuck





[newbie] pmfirewall?

2001-03-15 Thread chuck_495

Hi,

I've just downloaded pmfirewall.  I have some pretty bad questions as I am a complete 
newbie.  I want to get this up and running so that I can feel safe about getting on 
the net.  My question is, after I unzip it where should I point the file when I untar 
it as root?

ie tar -xvf "---"

When I run the install shell it's saying that it isn't finding the directory or 
something.  

And, does anyone have any general suggestions about out of box security for a complete 
newbie?  I know absolutely nothing about IP chains.

Thanks,

Chuck





Re: [newbie] pmfirewall?

2001-03-15 Thread Dan LaBine

[EMAIL PROTECTED] wrote:
 
 Hi,
 
 I've just downloaded pmfirewall.  I have some pretty bad questions as I am a 
complete newbie.  I want to get this up and running so that I can feel safe about 
getting on the net.  My question is, after I unzip it where should I point the file 
when I untar it as root?
 
 ie tar -xvf "---"
 
 When I run the install shell it's saying that it isn't finding the directory or 
something.
 
 And, does anyone have any general suggestions about out of box security for a 
complete newbie?  I know absolutely nothing about IP chains.
 
 Thanks,
 
 Chuck
 


Chuck; You may not want to keep Pmfirewall (flamers please input
arrogant denigrating reply/opinion here). For what it's worth, and IMHO,
I've been using PMfirewall, and found that it leaves some ports open!
You're better off with IPchains. IPchains should already be installed in
your system. Please send back more info about your network ie; how many
PC's what IP's you're using, etc. Depending on your set up, you'll need
up to 3 lines of text to activate it and I'm sure someone will respond
with instructions on how to automate the startup procedure for it.

-- 
Dan LaBine
Maximum L.A.N.'s Ltd.
Registered Linux User #190712




Re: [newbie] pmfirewall?

2001-03-15 Thread Michael O'Henly

On Thursday 15 March 2001 12:39, [EMAIL PROTECTED] wrote:

 I've just downloaded pmfirewall.  I have some pretty bad questions as I am
 a complete newbie.  I want to get this up and running so that I can feel
 safe about getting on the net.  My question is, after I unzip it where
 should I point the file when I untar it as root?

 ie tar -xvf "---"

Just untar it into a temp directory. The installer will put things where they 
need to go. (BTW, if you're running Mandrake 7.2, you may need to create a 
directory called "/usr/man/man8" to hold pmfirewall's man page.) 

 When I run the install shell it's saying that it isn't finding the
 directory or something.

What _exactly_ is it saying?

 And, does anyone have any general suggestions about out of box security for
 a complete newbie?  I know absolutely nothing about IP chains.

There's really no such thing as out-of-box security but, fortunately, 
pmfirewall doesn't require you to know anything about IP chains.

It would be helpful if you could tell us...

1. How you're connecting to the net (i.e., modem, cable modem, ADSL, etc.)

2. Whether you want to protect a single machine or a home network.

3. Whether you're planning to run servers on your linux box (i.e., web 
server, ftp server, etc.)

4. Whether your ISP assigns your IP address dynamically using DHCP (i.e., do 
you get a different IP address every time you connect?).

M.

-- 
Michael O'Henly
TENZO Design




Re: [newbie] pmfirewall?

2001-03-15 Thread chuck_495

Thanks for the input Dan.  I have a cable modem that I just got up and running 
connected to one PC.  My ip address is 24.23.1.1.  Like I said before, I don't know 
much about IP chains.  I've heard that they're kind of like ACLs.   If anyone could 
point me in the right direction that would be  GREATLY appreciated. 







Re: [newbie] pmfirewall?

2001-03-15 Thread s

If you don't have ipchains installed, go into rpmdrake and install it first. 
Then after you untar it, type:  cd pmfirewall-1.1.4/. Then type:  
sh install.sh   It will install to a common directory.  Then answer the 
questions.   And if you're on a dial up select as your interface:  ppp0.  
Then just answer the default to most of the questions until you get to "do 
you want pmfirewall to start on boot up?"  If you're on dial up, say N.  Then 
it will ask later if you want it to start on successful ppp connection, then 
say Y.  You don't need to know anything about ipchains to use pmfirewall, it 
will write the script for you and it's a great little app.  
-s

On Thursday 15 March 2001 02:39 pm, you wrote:
 Hi,

 I've just downloaded pmfirewall.  I have some pretty bad questions as I am
 a complete newbie.  I want to get this up and running so that I can feel
 safe about getting on the net.  My question is, after I unzip it where
 should I point the file when I untar it as root?

 ie tar -xvf "---"

 When I run the install shell it's saying that it isn't finding the
 directory or something.

 And, does anyone have any general suggestions about out of box security for
 a complete newbie?  I know absolutely nothing about IP chains.

 Thanks,

 Chuck





Re: [newbie] PMFirewall and PortSentry logging?

2001-01-03 Thread Tom Brinkman

On Tuesday 02 January 2001 11:24 am, Jon Doe wrote:
 I have used PMFirewall for a long time, I just installed Portsentry,
 I can't seem to find where they keep logs or how you configure them
 to keep logs any help?
Read this: 
/usr/share/doc/portsentry-1.0/README.install  (look at the other 
README's located here also)
Further help/suggestions are here:
http://www.linuxnewbie.org/nhf/intel/security/portsentry1.html
-- 
Tom Brinkman   [EMAIL PROTECTED] Galveston Bay




Re: [newbie] PMFirewall and PortSentry logging?

2001-01-03 Thread Daniel J. Ferris

Jon Doe [EMAIL PROTECTED] said: 

 I have used PMFirewall for a long time, I just installed 
Portsentry, I can't
 seem to find where they keep logs or how you configure them to keep 
logs any
 help?
 

/var/log/messages.

The dmesg command will also output logs from the kernel, which is 
where the firewall stuff resides.

Dan







Re: [newbie] PMFirewall question...

2000-11-15 Thread Ronald J. Hall

Dennis Myers wrote:
 
 I would have to agree, mine does about a two page print of many different ports
 and I haven't   found the screen shot menu so I can't post it. But, based on
 mine I would say yours is not set up to do a whole lot of good.  When I set up
 mine I said no to most of the ports and allowed unlimited access only to the
 addresses on my local net and 127.0.0.1.   you might try a new install.  Good
 Luck,  Dennis

I followed the script recommendation posted a couple of times on this list. ;-(
I did say no to most options. I gave that 127.0.0.1/255.255.255.0 range, only
opening port 110 (I think) for service.

I'm a little unclear as to how it's supposed to start. I picked no for startup
at boot, but yes for startup upon successful ppp connection. So, is the
startup line supposed to go in /etc/ip-up, or /etc/ip-up.local or in
/etc/ppp/ip-up or /etc/ppp/ip-up.local? ;-)

Thanks!

-- 
 
   /\
   DarkLord
   \/




Re: [newbie] PMFirewall question...

2000-11-14 Thread Ronald J. Hall

Eric Becker wrote:
 
 Type ipchains -L to see if pmfirewall is running.  If there's a whole bunch
 of rules listed...then it's working.  If it just says:
 
 Chain input (policy ACCEPT):
 Chain forward (policy DENY):
 Chain output (policy ACCEPT):
 
 If it just says that, and nothing else...then it ain't working.  You may
 have to manually run /etc/rc.d/init.d/pmfirewall.

I've attached a small text file that shows what I got. Can you look at it and
tell me what you think? Thanks! ;-)

-- 
 
   /\
   DarkLord
   \/

[root@localhost darklord]# ipchains -L
Chain input (policy ACCEPT):
target prot opt source   destination   ports
ACCEPT all  --  anywhere anywhere  n/a
ACCEPT tcp  !y  anywhere davl1-3.kih.net   any -   any





RE: [newbie] PMFirewall question...

2000-11-14 Thread Eric Becker

Ya...that's probably not working correctly.  I haven't really played with
pmfirewall for a ppp connection.  The only thing I could tell ya is to go to
www.pmfirewall.com and check out their mailing list.  I'd either just
subscribe to that mailing list...or just browse through the archive.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Ronald J. Hall
Sent: Tuesday, November 14, 2000 7:39 AM
To: [EMAIL PROTECTED]
Subject: Re: [newbie] PMFirewall question...

Eric Becker wrote:

 Type ipchains -L to see if pmfirewall is running.  If there's a whole
bunch
 of rules listed...then it's working.  If it just says:

 Chain input (policy ACCEPT):
 Chain forward (policy DENY):
 Chain output (policy ACCEPT):

 If it just says that, and nothing else...then it ain't working.  You may
 have to manually run /etc/rc.d/init.d/pmfirewall.

I've attached a small text file that shows what I got. Can you look at it
and
tell me what you think? Thanks! ;-)

--

   /\

DarkLord
   \/





Re: [newbie] PMFirewall question...

2000-11-14 Thread Dennis Myers

I would have to agree, mine does about a two page print of many different ports
and I haven't   found the screen shot menu so I can't post it. But, based on
mine I would say yours is not set up to do a whole lot of good.  When I set up
mine I said no to most of the ports and allowed unlimited access only to the
addresses on my local net and 127.0.0.1.   you might try a new install.  Good
Luck,  Dennis


Eric Becker wrote:

 Ya...that's probably not working correctly.  I haven't really played with
 pmfirewall for a ppp connection.  The only thing I could tell ya is to go to
 www.pmfirewall.com and check out their mailing list.  I'd either just
 subscribe to that mailing list...or just browse through the archive.

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Ronald J. Hall
 Sent: Tuesday, November 14, 2000 7:39 AM
 To: [EMAIL PROTECTED]
 Subject: Re: [newbie] PMFirewall question...

 Eric Becker wrote:
 
  Type ipchains -L to see if pmfirewall is running.  If there's a whole
 bunch
  of rules listed...then it's working.  If it just says:
 
  Chain input (policy ACCEPT):
  Chain forward (policy DENY):
  Chain output (policy ACCEPT):
 
  If it just says that, and nothing else...then it ain't working.  You may
  have to manually run /etc/rc.d/init.d/pmfirewall.

 I've attached a small text file that shows what I got. Can you look at it
 and
 tell me what you think? Thanks! ;-)

 --

/\

 DarkLord
\/

--
Dennis M. a registered Linux user #180842







[newbie] PMFirewall question...

2000-11-13 Thread Ronald J. Hall

Okay, I'm currently using ipchains/PMFirewall. My question is, since I *think*
I've got everything installed correctly (the script said it installed OK),
should I not be able to see PMFirewall running, using something like ktop or
top, after I've connected to the 'Net? I picked the options where PMF does not
start up at boot, but upon a successful ppp connection.

Thanks!

-- 
 
   /\
   DarkLord
   \/




RE: [newbie] PMFirewall question...

2000-11-13 Thread Eric Becker

Type ipchains -L to see if pmfirewall is running.  If there's a whole bunch
of rules listed...then it's working.  If it just says:

Chain input (policy ACCEPT):
Chain forward (policy DENY):
Chain output (policy ACCEPT):

If it just says that, and nothing else...then it ain't working.  You may
have to manually run /etc/rc.d/init.d/pmfirewall.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Ronald J. Hall
Sent: Monday, November 13, 2000 2:19 PM
To: Mandrake Newbie Mailing List
Subject: [newbie] PMFirewall question...

Okay, I'm currently using ipchains/PMFirewall. My question is, since I
*think*
I've got everything installed correctly (the script said it installed OK),
should I not be able to see PMFirewall running, using something like ktop or
top, after I've connected to the 'Net? I picked the options where PMF does
not
start up at boot, but upon a successfull ppp connection.

Thanks!

--

   /\

DarkLord
   \/





[newbie] pmfirewall

2000-09-12 Thread Rob

Hi Everybody,

I just installed pmfirewall and that other program, I forgot what it's called.
Well, anyway, after installing it, I restarted it.  I logged on the
internet, but then I guess I got carried away when installing pmfirewall; it
just blocked all outgoing and incoming signals.  I realized that I stated the
port as eth0.  Which port should I have stated?  I had to do a ./pmfirewall stop
in order for me to interact with the internet.

Rob




Re: [newbie] pmfirewall

2000-09-12 Thread Greg Stewart

By "logged on the internet" do you mean dialed up?  If so, ppp0 should be
your external interface, and any NIC card masquerading an internal network
should be the internal interface.

If you have cable and simply mean that you started using the internet, eth0
should probably be the right choice, and you'll need to provide information
as to how you set up your system so we can better answer the question.

You can very easily re-run the install script to fix this. If you have any
questions... just ask.

--Greg


- Original Message -
From: "Rob" [EMAIL PROTECTED]


 Hi Everybody,

 I just installed pmfirewall and that other program I forgot what it's
call.
 well  anyway,   After installing it, then I restarted it.  I logged on the
 internet but then  I guess I got carried away when installing pmfirewall
it
 just block all outgoing and incoming signal.   I realized that I stated
the
 port as eth0   which port should I stated as?   I had to do a ./pmfirewall
stop
 in order for me to interact with the internet.

 Rob


 






[newbie] pmfirewall and portsentry test?

2000-09-12 Thread Rob

Hi,

Well, I guess I got it up and running, but I would like to make sure that it
is up and running.  How do I test it?  Where do I look up the log file to see
if pmfirewall is running?  Oh yeah, I got portsentry up and running; how do
I test that?

Rob




Re: [newbie] pmfirewall and portsentry test?

2000-09-12 Thread Ronald J. Hall

Rob wrote:
 
 Hi,
 
 well,  I guess I got it up and running.  but I would like to make sure that it
 is up and running.   How do test it?   where do I look up the log file to see
 if pmfirewall is running.OH yeah   got portsentry up and running,   how do
 I test that?
 
 Rob

Go to http://www.grc.com and they will attempt to probe you (in a friendly
manner). I mean, you don't have to marry them afterwards... ;-)

-- 
 
   /\
   DarkLord
   \/




Re: [newbie] pmfirewall and portsentry test?

2000-09-12 Thread Rob

On Tue, 12 Sep 2000, you wrote:


Oh cool, I went to that site at www.grc.com and they probed it and tested my
internet security and they stated that they had no way of getting into my
computer.  Which is great news!  Now I can minimize my worries about
someone messing up my system...  Yahoo!

Rob


 Rob wrote:
  
  Hi,
  
  well,  I guess I got it up and running.  but I would like to make sure that it
  is up and running.   How do test it?   where do I look up the log file to see
  if pmfirewall is running.OH yeah   got portsentry up and running,   how do
  I test that?
  
  Rob
 
 Got to http://www.grc.com and they will attempt to probe you (in a friendly
 manner). I mean, you don't have to marry them afterwards... ;-)
 
 -- 
  
/\
DarkLord
\/




Re: [newbie] pmfirewall and portsentry test?

2000-09-12 Thread Daniel J. Ferris

Rob wrote:
 
 On Tue, 12 Sep 2000, you wrote:
 
 oh cool,  I went to that site at www.grc.com and they probed it and tested my
 internet security and they stated that they had no way of getting into my
 computer.

Just remember that GRC only tests a few certain well defined
ports.

Better idea would be to download nmap or saint and THEN scan
yourself (just remember to turn off portsentry first otherwise
you'll lock yourself out of your machine)

Dan




Re: [newbie] pmfirewall and portsentry test?

2000-09-12 Thread Greg Stewart

OK, I keep repeating myself, but it doesn't seem to do much good... so one
more time and I'm through:

www.grc.com is a decent site, and I'm not trying to knock it, but for linux
it doesn't hold much validity. It is a site for WINDOWS security, and tests
machines as though they are Windows boxes. This means that would-be open
linux hacks will not be tested for.

It is better to set up your firewall and portscan detection, and go to
www.hackerwhacker.com. No, I do not get any kick-back...The first scan is
free--it IS a rough scan, however. And... it may work your hard drive for an
hour or two if you have lots of logging turned on. Of course, if you have
portsentry running, you may wish to put their IP address in the
portsentry.ignore file temporarily so that you actually get the scan report
when they're finished. Portsentry will can their IP quite rapidly.

grc.com gives a false sense of security to linux users as it usually says
"There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists
at this IP address!" It can only detect one of my ports open, and I already
know it's open! But what it cannot detect, is that I also have portscan
detection bound and listening to linux's vulnerable ports ready to lock out
anyone who tries to poke around in those areas. These bindings should show
open ports, but grc.com doesn't see them, because it doesn't test for them.

www.hackerwhacker.com uses an outside nmap scan, and doesn't have any
prejudices about which OS you're running, it'll hit you for whatever it can
find. Their paid services go even further, but you'll be surprised by the
ports it finds open after you've relied on grc.com.

--Greg

- Original Message -
From: "Ronald J. Hall" [EMAIL PROTECTED]

 Got to http://www.grc.com and they will attempt to probe you (in a
friendly
 manner). I mean, you don't have to marry them afterwards... ;-)

 Rob wrote:
 
  Hi,
 
  well,  I guess I got it up and running.  but I would like to make sure
that it
  is up and running.   How do test it?   where do I look up the log file
to see
  if pmfirewall is running.OH yeah   got portsentry up and running,
how do
  I test that?
 
  Rob

 --

/\

DarkLord
\/


 






[newbie] PMfirewall Tripwire question

2000-07-23 Thread Dacia and AzureRose

Hey, I have a question for the group.  I have
PMfirewall installed and working.  I downloaded
Psionic's tripwire program and before I install it I
want to know if there are any little details I should
be especially conscious of in regards to its
interactions with PMfirewall.

Also, which (if any) programs can I use to check
tripwire's effectiveness?

Thanks folks!


Dacia





Re: [newbie] PMfirewall Tripwire question

2000-07-23 Thread kdm

As far as I know Psionic does not make tripwire, they do however make some
awesome security products: Portsentry, Hostsentry and Logcheck.
Logcheck and Portsentry can be run effectively under the IPchains firewall that
PMfirewall has configured for you.
  Hey, I have a question for the group.  I have
 PMfirewall installed and working.  
 psionics tripwire program and before I install it I
 want to know if there are any little details I should
 be especially conscious of in regards to its
 interactions with PMfirewall.
 
 Also, which (if any) programs can I use to check
 tripwires effectiveness?
 
 Thanks folks!
 
 
 Dacia
 
-- 
__
[K][D][M]-=-=-=-=-[K][D][M] UIN:82189397
[K][D][M]-ETERNAL-[K][D][M] IM: xKxDxMx
[K][D][M]-=-=-=-=-[K][D][M] E-MAIL: [EMAIL PROTECTED]
__




Re: [newbie] PMfirewall Tripwire question

2000-07-23 Thread Greg Stewart

None that I have seen. 

Tripwire is best installed just after you install your system (not that this is 
necessary, though)--so that you can see any differences between the clean install and 
any alterations made thereafter.




- Original Message - 
From: Dacia and AzureRose [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, July 23, 2000 4:16 PM
Subject: [newbie] PMfirewall  Tripwire question


 Hey, I have a question for the group.  I have
 PMfirewall installed and working.  I downloaded
 psionics tripwire program and before I install it I
 want to know if there are any little details I should
 be especially conscious of in regards to its
 interactions with PMfirewall.
 
 Also, which (if any) programs can I use to check
 tripwires effectiveness?
 
 Thanks folks!
 
 
 Dacia
 




Re: [newbie] PMfirewall Portsentry question

2000-07-23 Thread Dacia and AzureRose

Well, I'll be damned if my pesky crack habit didn't
jump up and bite me in the ass again!

You're right, it was Portsentry not trip wire.


Dacia
--- kdm [EMAIL PROTECTED] wrote:
 As for as I know Psionic does not make tripwire,
 they do however make some
 awesome security products: Portsentry Hostsentry and
 Logcheck.
 Logcheck and Portsentry can be run effectively under
 the IPchains firewall that
 PMfirewall has configured for you.
   Hey, I have aquestion for the group.  I have 
  PMfirewall installed and working.  
  psionics tripwire program and before I install it
 I
  want to know if there are any little details I
 should
  be especially conscious of in regards to its
  interactions with PMfirewall.
  
  Also, which (if any) programs can I use to check
  tripwires effectiveness?
  
  Thanks folks!
  
  
  Dacia
  
 -- 

__
 [K][D][M]-=-=-=-=-[K][D][M] UIN:82189397
 [K][D][M]-ETERNAL-[K][D][M] IM: xKxDxMx
 [K][D][M]-=-=-=-=-[K][D][M] E-MAIL:
 [EMAIL PROTECTED]

__
 






[newbie] PMFirewall

2000-07-13 Thread Hugh

If anyone has some spare time, and wouldn't mind writing me off list,
I am having a problem with my setup. I have read and printed copies of
the archive on pmfirewall, but am still having trouble with getting my mail.
I could use someone walking me through this.

Hugh




Re: [newbie] PMFirewall

2000-07-13 Thread Eric MC.D

I tried PMfirewall on the following machine:
-networkcard : none
-internet connection: via ISDN card
-POP to retrieve from ISP (no IMAP)
Purposes:
Want to close all ports to the outside.
Installation:
On the untarred pmfirewall dir ~/pmfirewall-1.1.4
Type: sh install.sh
The install proc.: (questions (summarized) - responses.)
*dir to install:                     /usr/pmfirewall #(or where you want)
*network :                           ippp0
*unrestricted access ?               Y
   IP range:                         127.0.0.1/255.255.255.0
   add others ?                      N
*IP ranges to block completely ?     N
*IP address assigned via DHCP ?      N
*Running FTP ports         220/21 ?  N
*"   SSH                       22 ?  N
*"   Telnet server             23 ?  N
*"   SMTP server               25 ?  N
*"   DNS  server               53 ?  N
*"   Finger server             79 ?  N
*"   Web server                80 ?  N
*"   POP server               110 ?  Y
     IP address   127.0.0.1/255.255.255.0
*Allow IDENT                  113 ?  N
*Running NNTP server          119 ?  N
*If using NTP                 123 ?  N
*Open NetBIOS/Samba       137-139 ?  N
*Running  IMAP server         143 ?  N
*"   SSL web server           443 ?  N
*"   routed (RIP)             520 ?  N
*Open NFS                    2049 ?  N
*X server               5999-6003 ?  N
*Other ports to open              ?  N
*Start on boot-up                 ?  Y
*Autodetect IP address            ?  Y
*Masquerade for other PC's        ?  N

*Start pmfirewall when succ PPP connection ?  N
---
Now, start pmfirewall:
cd /usr/pmfirewall ( or the dir you installed pmfirewall)
sh pmfirewall start
If there are no error messages you're ok !
---

Results:
From http://grc.com -- STEALTH -- PORTPROBE

PortService Status
--- --
21  FTP stealth
23  Telnet"
25  SMTP  "
79  Finger"
80  HTTP  "
110 POP3  "
113 IDENT "
139 NetBIOS   "
143 IMAP  "
443 HTTPS "

---
Hope this help someone.
Eric
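
A simplified model of why the probe results above show port 110 as stealth even though the POP question was answered Y: the only allowed source range is local. This is an added example, not part of Eric's post and not PMFirewall's own rule set; the rule order, the default-DENY policy and the probing address 203.0.113.9 are assumptions.

```python
import ipaddress

# Constructed model of the answers in the post: only POP (110) was answered
# "Y", and only for the source range 127.0.0.1/255.255.255.0.
ALLOWED = {110: ["127.0.0.1/255.255.255.0"]}
TRUSTED = ["127.0.0.1/255.255.255.0"]   # the "unrestricted access" range
PROBED_PORTS = [21, 23, 25, 79, 80, 110, 113, 139, 143, 443]


def in_range(src, ranges):
    """True if src falls inside any address/netmask range."""
    addr = ipaddress.ip_address(src)
    # strict=False masks the host bits, so 127.0.0.1/255.255.255.0
    # is treated as the network 127.0.0.0/24.
    return any(addr in ipaddress.ip_network(r, strict=False) for r in ranges)


def verdict(src, port, default="DENY"):
    """First-match filter: trusted range, per-port allows, then the default."""
    if in_range(src, TRUSTED):
        return "ACCEPT"
    if in_range(src, ALLOWED.get(port, [])):
        return "ACCEPT"
    return default


def probe_status(src, port, listening, default="DENY"):
    """What a remote TCP port probe would report for one connection attempt."""
    if verdict(src, port, default) == "DENY":
        return "stealth"            # packet dropped silently, no reply at all
    # Accepted packets reach the kernel: a listener answers, otherwise the
    # connection is refused and the probe sees the port as closed.
    return "open" if port in listening else "closed"


def scan(src, listening=frozenset(), default="DENY"):
    """Status of every port from the results table, as seen from src."""
    return {p: probe_status(src, p, listening, default) for p in PROBED_PORTS}


if __name__ == "__main__":
    external = "203.0.113.9"        # constructed documentation address
    for port, status in scan(external).items():
        print(port, status)
```

With the default changed to ACCEPT (no filtering) and nothing listening, the same probe reports every port as closed rather than stealth, which is the difference the scan distinguishes.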




Re: [newbie] PMFirewall

2000-07-13 Thread Hugh

Thanks, that is almost the same as I have, except I used ppp0
and I blocked all addresses except local 127.0.0.1/255.255.255.0

Thanks for your time. It now seems to work great.

On Thu, 13 Jul 2000, you wrote:
 I tried PMfirewall on the following machine:
 -network card: none
 -internet connection: via ISDN card
 -POP to retrieve from ISP (no IMAP)
 Purposes:
 Want to close all ports to the outside.
 Installation:
 In the untarred pmfirewall dir ~/pmfirewall-1.1.4
 Type: sh install.sh
 The install proc.: (questions (summarized) - responses.)
 *dir to install:                   /usr/pmfirewall #(or where you want)
 *network:                          ippp0
 *unrestricted access            ?  Y
    IP range:                       127.0.0.1/255.255.255.0
    add others                   ?  N
 *IP ranges to block completely  ?  N
 *IP address assigned via DHCP   ?  N
 *Running FTP ports       220/21 ?  N
 *"       SSH                 22 ?  N
 *"       Telnet server       23 ?  N
 *"       SMTP server         25 ?  N
 *"       DNS server          53 ?  N
 *"       Finger server       79 ?  N
 *"       Web server          80 ?  N
 *"       POP server         110 ?  Y
    IP address                      127.0.0.1/255.255.255.0
 *Allow IDENT                113 ?  N
 *Running NNTP server        119 ?  N
 *If using NTP               123 ?  N
 *Open NetBIOS/Samba     137-139 ?  N
 *Running IMAP server        143 ?  N
 *"       SSL web server     443 ?  N
 *"       routed (RIP)       520 ?  N
 *Open NFS                  2049 ?  N
 *X server             5999-6003 ?  N
 *Other ports to open            ?  N
 *Start on boot-up               ?  Y
 *Autodetect IP address          ?  Y
 *Masquerade for other PCs       ?  N
 
 *Start pmfirewall when succ PPP connection ?  N
 ---
 Now, start pmfirewall:
 cd /usr/pmfirewall (or the dir you installed pmfirewall)
 sh pmfirewall start
 If there are no error messages you're OK!
 ---
 
 Results:
 From http://grc.com -- STEALTH -- PORTPROBE
 
 Port  Service  Status
 ----  -------  -------
 21    FTP      stealth
 23    Telnet   "
 25    SMTP     "
 79    Finger   "
 80    HTTP     "
 110   POP3     "
 113   IDENT    "
 139   NetBIOS  "
 143   IMAP     "
 443   HTTPS    "
 
 ---
 Hope this helps someone.
 Eric




[newbie] PMfirewall

2000-07-05 Thread Eric MC DECLERCK

Hello list,
I set up PMfirewall with the help of Dennis Myers.
Very impressive.
All ports closed.
This on a STANDALONE WORKSTATION not connected to a network!
I recommend it fully.
Eric





[newbie] PMfirewall install success

2000-07-04 Thread Dennis Myers

This is to thank the folks in "Newbie" who helped me out on the
pmfirewall install. I just did my 5th try and this e-mail is the final
test. I show up as totally stealth at Steve Gibson's "Shields UP" site. I
can still go on-line and receive e-mail, and now if this post goes out I
have a totally successful install. Thanks for the help.