Re: [newbie] Virus on Linux?
>> Side note here on PMFIREWALL >> >> I installed it day before yesterday, ran the script. Was very easy - mostly >> I accepted defaults. Then I ran a scan on my system. Much to my surprise, >> I was wide open on ALL my udp ports... Reran the setup looking for what may They may not be open. If you check your messages log you probably have hundreds of DENY entry. The problem is that UDP packets don't necessarily get a response, so no response may look open. If the port is closed then a closed message is sent. If the port is shut down completely then it's denied and may look open to the scanner. MB
RE: [newbie] Virus on Linux?
this is the point at which one takes a look at the ipchains howto to get a better understanding of how ipchains work. after setting up PMfirewall initially it would take you about five minutes to close any/all the ports you want where udp packets are being recieved. this, of course, requires a tiny bit of manual editing. however, it is simple enough since there are example chains already written in the pmfirewall.rules.local file. that is the file where thee changes/additions to ipchains are to be made. Pmfirewall is a great way to get your firewall STARTED, but it is by no means complete or finished after using this script to configure you ipchains. Ipchains still requires the user to become involved and take an active role in configuration and maintaining the firewall. thats not the burden that it sounds like it is though. unlike ZoneAlarm where everything is done for you, as in Guard Dog, Ipchains requires user intervention and thereby allows much more focused control on all parts of the firewall and requires the user to be responsible for the saftey/security of the machine. -- Mark / * Sometimes it becomes necessary to rock the boat * in order to get the rats up from below decks * so they can be kicked over the side and drowned! * * REGISTERED LINUX USER # 182496 */ <*REPLY SEPERATOR*>> On Wed, 29 Nov 2000 Dickman, Jeff had this to say! > > Side note here on PMFIREWALL > > I installed it day before yesterday, ran the script. Was very easy - mostly > I accepted defaults. Then I ran a scan on my system. Much to my surprise, > I was wide open on ALL my udp ports... Reran the setup looking for what may > have caused this terrible error, nothing about UDP ports... not a good way > to start of a relationship. > > -JD- >
RE: [newbie] Virus on Linux?
Side note here on PMFIREWALL I installed it day before yesterday, ran the script. Was very easy - mostly I accepted defaults. Then I ran a scan on my system. Much to my surprise, I was wide open on ALL my udp ports... Reran the setup looking for what may have caused this terrible error, nothing about UDP ports... not a good way to start of a relationship. -JD-
Re: [newbie] Virus on Linux?
I think we sort of agree, what I am really saying I suppose is that Guarddog is a good place to start for a newbie, it gives a reasonable degree of security without the need for understanding of ipchains. As ShieldsUp is aimed at Windows users (I believe) and it couldn't find me when I hid behind Guarddog, I would hope that it will hide me from "Windows using script kiddies". That said, I fully accept your point and would urge newbies not to be complacent and rely on Guarddog believing it to be enough. I would suggest installing it, then looking at the available documentation for ipchains and PMfirewall and moving on. > > That's my point tho, would you rather have a fancy GUI for a > firewall setup that leaves ports open, or use a text based app like > PMfirewall that sets up ipchains to give better protection? > > > BTW thanks for the heads-up re: the better check than ShieldsUp - > > I've been there and it finds things that ShieldsUp couldn't > > like port 23 is open and allows telnet > > port 80 is open and allows http > > port 8080 is open for http-proxy > > none of which I understand because as far as I knew none of these > > sevices were enabled - guess I've got some digging to do ! > > Poogle > > Do the complete scan and get the emailed report. The basic scan > reports 1025 open on my system, but the complete scan reports 1025 as > open/filtered, ie, not a problem. 'Course I have the BEST protection > from script kiddies, a lousy 28,8 dialup ;> I did do the complete scan which is where I got the results I mentioned, I still haven't found out why telnet, http and http-proxy are open, but then I haven't yet looked very hard.
Re: [newbie] Virus on Linux?
On Tuesday 28 November 2000 04:33 pm, you wrote: > Eddie, > > I would very much like to have that URL - I've heard about it before, but > no one seems to know where it was... > > -JD- I think this is the link everyone is looking for. http://linux-firewall-tools.com/linux/firewall/index.html -- The box said Win95 or better so I got Linux. Registered Linux user 181996
RE: [newbie] Virus on Linux?
Eddie, I would very much like to have that URL - I've heard about it before, but no one seems to know where it was... -JD- -Original Message- From: Eddie Torres [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 28, 2000 12:45 PM To: [EMAIL PROTECTED] Subject: Re: [newbie] Virus on Linux? On Tuesday 28 November 2000 11:22, you wrote: > I realise that there are more secure firewalls available but Guarddog > is so easy to set up for a newbie,with it's point and click panels > it's straightforward to select/de-select options and go back in to > change if you get it wrong, and requires little (if any) > understanding of ipchains. > > BTW thanks for the heads-up re: the better check than ShieldsUp - > I've been there and it finds things that ShieldsUp couldn't > like port 23 is open and allows telnet > port 80 is open and allows http > port 8080 is open for http-proxy > none of which I understand because as far as I knew none of these > sevices were enabled - guess I've got some digging to do ! > > Poogle > > On Monday 27 November 2000 22:34, you wrote: > > On Monday 27 November 2000 12:53 pm, [EMAIL PROTECTED] wrote: > > > For a newbie, I like Guarddog firewall, free and downloadable > > > it's available for MD 7.0. 7.1 & 7.2 > > > http://www.simonzone.com/software/guarddog/ > > > > It doesn't close/filter ports as well as PMfirewall does. > > Looks nice, but it's less effective ipchains config. > > > > http://www.pointman.org/PMFirewall/ > > > > and here's a better check than ShieldsUp! > > > > http://www.sdesign.com/cgi-bin/fwtest.cgi?APPLY=Scan+Me+Now Here is what I did. I found a website, I don't recall if Tom was the one that recommended it, that builds a firewall script for you and it's simple to setup and very detailed. I took what I made there and incorporated it into my pmfirewall. I did the sdesign.com tests and I show no ports open at all and I have all the functionality i need to have, even on irc. I'll try to dig out the site url and post it. P.S. BTW Tom, I'm in Pasadena. -- Eddie Torress www.veloct.net
Re: [newbie] Virus on Linux?
On Tuesday 28 November 2000 11:22, you wrote: > I realise that there are more secure firewalls available but Guarddog > is so easy to set up for a newbie,with it's point and click panels > it's straightforward to select/de-select options and go back in to > change if you get it wrong, and requires little (if any) > understanding of ipchains. > > BTW thanks for the heads-up re: the better check than ShieldsUp - > I've been there and it finds things that ShieldsUp couldn't > like port 23 is open and allows telnet > port 80 is open and allows http > port 8080 is open for http-proxy > none of which I understand because as far as I knew none of these > sevices were enabled - guess I've got some digging to do ! > > Poogle > > On Monday 27 November 2000 22:34, you wrote: > > On Monday 27 November 2000 12:53 pm, [EMAIL PROTECTED] wrote: > > > For a newbie, I like Guarddog firewall, free and downloadable > > > it's available for MD 7.0. 7.1 & 7.2 > > > http://www.simonzone.com/software/guarddog/ > > > > It doesn't close/filter ports as well as PMfirewall does. > > Looks nice, but it's less effective ipchains config. > > > > http://www.pointman.org/PMFirewall/ > > > > and here's a better check than ShieldsUp! > > > > http://www.sdesign.com/cgi-bin/fwtest.cgi?APPLY=Scan+Me+Now Here is what I did. I found a website, I don't recall if Tom was the one that recommended it, that builds a firewall script for you and it's simple to setup and very detailed. I took what I made there and incorporated it into my pmfirewall. I did the sdesign.com tests and I show no ports open at all and I have all the functionality i need to have, even on irc. I'll try to dig out the site url and post it. P.S. BTW Tom, I'm in Pasadena. -- Eddie Torress www.veloct.net
Re: [newbie] Virus on Linux?
On Tuesday 28 November 2000 11:22 am, [EMAIL PROTECTED] wrote: > I realise that there are more secure firewalls available but Guarddog > is so easy to set up for a newbie,with it's point and click panels > it's straightforward to select/de-select options and go back in to > change if you get it wrong, and requires little (if any) > understanding of ipchains. That's my point tho, would you rather have a fancy GUI for a firewall setup that leaves ports open, or use a text based app like PMfirewall that sets up ipchains to give better protection? > BTW thanks for the heads-up re: the better check than ShieldsUp - > I've been there and it finds things that ShieldsUp couldn't > like port 23 is open and allows telnet > port 80 is open and allows http > port 8080 is open for http-proxy > none of which I understand because as far as I knew none of these > sevices were enabled - guess I've got some digging to do ! > Poogle Do the complete scan and get the emailed report. The basic scan reports 1025 open on my system, but the complete scan reports 1025 as open/filtered, ie, not a problem. 'Course I have the BEST protection from script kiddies, a lousy 28,8 dialup ;> -- Tom Brinkman [EMAIL PROTECTED] Galveston Bay > > On Monday 27 November 2000 22:34, you wrote: > > On Monday 27 November 2000 12:53 pm, [EMAIL PROTECTED] wrote: > > > For a newbie, I like Guarddog firewall, free and downloadable > > > it's available for MD 7.0. 7.1 & 7.2 > > > http://www.simonzone.com/software/guarddog/ > > > > It doesn't close/filter ports as well as PMfirewall does. > > Looks nice, but it's less effective ipchains config. > > > > http://www.pointman.org/PMFirewall/ > > > > and here's a better check than ShieldsUp! > > > > http://www.sdesign.com/cgi-bin/fwtest.cgi?APPLY=Scan+Me+Now
Re: [newbie] Virus on Linux?
On Mon, 27 Nov 2000, patrick wrote: > On Mon, 27 Nov 2000, you wrote: > > On Mon, 27 Nov 2000 [EMAIL PROTECTED] wrote: > > > The best firewall (or, in other words, the one that I use ;-)) is > > IPchains. You can use another nice program called PMFirewall to configure > > it. > > > and i would say the only problem would be installing it. unless > of course u are linux genius :) > LOL...nah, it was easy. Now, granted, I had someone holding my hand throughout the process (thanks Mark!), but it wasn't hard. 1. Install IPchains (make sure it's checked in Startup Services) 2. Install PMFirewall 3. open a terminal and, as root, cd to the PMfirewall dir, and type ./installsh (or something like that...youll see the file name if you type ls). 4. go through the PMFirewall walkthrough 5. Now is the part where there's a file name I don't remember - cd to the file PMFirewall saved to (it allows you to specify that right at the beginning, and gives you the option of a default, which I used). Once there, type pmfirewall -restart and you be done! Believe me, if I can do it...anyone can! -- peace, Rog http://www.slammingrooves.com Registered Linux user #190719
Re: [newbie] Virus on Linux?
On Mon, 27 Nov 2000, you wrote: > On Mon, 27 Nov 2000 [EMAIL PROTECTED] wrote: > > Well, I far as I know, there is only 1 virus for Linux, which is actually > > a Trojan Horse. Plus, This Trojan Horse only affects the kernels below > > 2.2.15 As for fiewalls, I don't have a clue, but I would be very > > surprised if you couldn't get one. > > > > 8) > > The best firewall (or, in other words, the one that I use ;-)) is > IPchains. You can use another nice program called PMFirewall to configure > it. and i would say the only problem would be installing it. unless of course u are linux genius :) -- Love is all u need, and a little Linux too for good measure
Re: [newbie] Virus on Linux?
On Mon, 27 Nov 2000 [EMAIL PROTECTED] wrote: > Well, I far as I know, there is only 1 virus for Linux, which is actually a > Trojan Horse. Plus, This Trojan Horse only affects the kernels below 2.2.15 > As for fiewalls, I don't have a clue, but I would be very surprised if you > couldn't get one. > > 8) > > > The best firewall (or, in other words, the one that I use ;-)) is IPchains. You can use another nice program called PMFirewall to configure it. -- peace, Rog http://www.slammingrooves.com Registered Linux user #190719
Re: [newbie] Virus on Linux?
On Monday 27 November 2000 12:53 pm, [EMAIL PROTECTED] wrote: > For a newbie, I like Guarddog firewall, free and downloadable > it's available for MD 7.0. 7.1 & 7.2 > http://www.simonzone.com/software/guarddog/ It doesn't close/filter ports as well as PMfirewall does. Looks nice, but it's less effective ipchains config. http://www.pointman.org/PMFirewall/ and here's a better check than ShieldsUp! http://www.sdesign.com/cgi-bin/fwtest.cgi?APPLY=Scan+Me+Now -- Tom Brinkman [EMAIL PROTECTED] Galveston Bay
RE: [newbie] Virus on Linux?
Not sure about Viruses, but if you are interested in Linux Security then check out http://mirrors.hotdog.org/LDP/HOWTO/IPCHAINS-HOWTO.html http://tickle.unco.edu/cs442/weitzel/execute.html http://www.redhat.com/support/docs/tips/firewall/firewallservice.html http://www.linux-mandrake.com/en/demos/Networking/ HTH, Duke -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Yayan Irianto Sent: Monday, November 27, 2000 11:48 AM To: [EMAIL PROTECTED] Subject: [newbie] Virus on Linux? Hi All, Thanks for your answer regarding my internet connection, and I got the solution for it. Frankly I am new with linux but start to interrest it (I hope love it too). I have some question, Are there computer viruses in Linux environtment (that always atack windows system)? Is there a firewall software like Norton Internet Security? Thanks again. yayan. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
Re: [newbie] Virus on Linux?
On Mon, 27 Nov 2000 [EMAIL PROTECTED] wrote: >Well, I far as I know, there is only 1 virus for Linux, which is actually a >Trojan Horse. Plus, This Trojan Horse only affects the kernels below 2.2.15 >As for fiewalls, I don't have a clue, but I would be very surprised if you >couldn't get one. On www.pointman.org you can download PMfirewall. It is a script that helps you set up ipchains, Linux' own firewall. It is good. Also get portsentry from there and you're fine. Paul -- When I am angry, the drawer in my closet won't open anymore http://nlpagan.net - ICQ 147208 - Registered Linux User 174403 Linux Mandrake 7.2 - Pine 4.30
Re: [newbie] Virus on Linux?
For a newbie, I like Guarddog firewall, free and downloadable it's available for MD 7.0. 7.1 & 7.2 http://www.simonzone.com/software/guarddog/ On Monday 27 November 2000 16:48, you wrote: > Hi All, > Thanks for your answer regarding my internet connection, and I got the > solution for it. > Frankly I am new with linux but start to interrest it (I hope love it too). > I have some question, > Are there computer viruses in Linux environtment (that always atack windows > system)? > Is there a firewall software like Norton Internet Security? > Thanks again. > > yayan. > > > > _ > Do You Yahoo!? > Get your free @yahoo.com address at http://mail.yahoo.com
Re: [newbie] Virus on Linux?
Well, I far as I know, there is only 1 virus for Linux, which is actually a Trojan Horse. Plus, This Trojan Horse only affects the kernels below 2.2.15 As for fiewalls, I don't have a clue, but I would be very surprised if you couldn't get one. 8)