Re: How to tell if a Linux machine is a zombie?

2007-01-11 Thread Douglas Tutty
On Wed, Jan 10, 2007 at 08:49:20PM -0800, Paul Johnson wrote: > Douglas Tutty wrote: > > > On Wed, Jan 10, 2007 at 11:23:29AM -0800, Paul Johnson wrote: > > > >> I think shorewall assumes that you don't really want to block /all/ > >> outbound traffic and does the right thing, then. > > > > Befo

Re: How to tell if a Linux machine is a zombie?

2007-01-11 Thread Paul Johnson
Douglas Tutty wrote: > On Wed, Jan 10, 2007 at 11:23:29AM -0800, Paul Johnson wrote: > >> I think shorewall assumes that you don't really want to block /all/ >> outbound traffic and does the right thing, then. > > Before you assume this, you should check the netfilter docs. If by > default I bl

Re: How to tell if a Linux machine is a zombie?

2007-01-10 Thread Celejar
On Wed, 10 Jan 2007 19:26:56 -0500 Douglas Tutty <[EMAIL PROTECTED]> wrote: [snip] > Before you assume this, you should check the netfilter docs. If by > default I block all outgoing and incoming connections then there's no > way to establish an 'existing' connection in the first place. If I >

Re: How to tell if a Linux machine is a zombie?

2007-01-10 Thread Douglas Tutty
On Wed, Jan 10, 2007 at 11:23:29AM -0800, Paul Johnson wrote: > Douglas Tutty wrote: > > > On Tue, Jan 09, 2007 at 11:23:56AM -0800, Paul Johnson wrote: > > > >> Douglas Tutty wrote: > >> > >> > I use shorewall with default block everything all directions then open > >> > things up as needed. > >>

RE: How to tell if a Linux machine is a zombie?

2007-01-10 Thread James Stevenson
> >> > > useful in this environment? > >> > Many folks like that one. I use shorewall. You can always block > >> > outgoing ports that you don't use. If you don't run an ftp server, > block > >> > port 20 and 21, etc. > >> > > >> That is why I really like the "default deny" mentality. Start by > >>

Re: How to tell if a Linux machine is a zombie?

2007-01-10 Thread Paul Johnson
Douglas Tutty wrote: > On Tue, Jan 09, 2007 at 11:23:56AM -0800, Paul Johnson wrote: > >> Douglas Tutty wrote: >> >> > I use shorewall with default block everything all directions then open >> > things up as needed. >> >> I bet you have a rule someplace that allows outgoing traffic that's part >>

Re: How to tell if a Linux machine is a zombie?

2007-01-09 Thread Douglas Tutty
On Tue, Jan 09, 2007 at 11:23:56AM -0800, Paul Johnson wrote: > Douglas Tutty wrote: > > > On Mon, Jan 08, 2007 at 10:35:10PM -0800, Paul Johnson wrote: > >> James Stevenson wrote: > >> > >> >> If I understand the matter correctly, a firewall can protect only > >> >> against incoming messages, an

Re: How to tell if a Linux machine is a zombie?

2007-01-09 Thread Paul Johnson
Douglas Tutty wrote: > On Mon, Jan 08, 2007 at 10:35:10PM -0800, Paul Johnson wrote: >> James Stevenson wrote: >> >> >> If I understand the matter correctly, a firewall can protect only >> >> against incoming messages, and is useless against spyware which >> >> "phones home" or zombie-ware which

Re: How to tell if a Linux machine is a zombie?

2007-01-09 Thread Paul Johnson
Kamaraju Kusumanchi wrote: > On Monday 08 January 2007 14:13, Russell L. Harris wrote: > >> So, before I preach about the dangers of spyware and zombies to my >> buddies using Window$, how can I be certain that my own Debian machine >> has not been compromised and has not become a zombie? Is the

Re: How to tell if a Linux machine is a zombie?

2007-01-09 Thread Paul Johnson
Angelo Bertolli wrote: > Russell L. Harris wrote: > >> My LAN is protected by a machine running SmoothWall Express 2.0, >> acting as a firewall and router. Would an internal firewall package be >> useful in this environment? >> > As someone mentioned Linux already has an internal firewall. Or

Re: How to tell if a Linux machine is a zombie?

2007-01-09 Thread Douglas Tutty
On Mon, Jan 08, 2007 at 10:35:10PM -0800, Paul Johnson wrote: > James Stevenson wrote: > > >> If I understand the matter correctly, a firewall can protect only > >> against incoming messages, and is useless against spyware which > >> "phones home" or zombie-ware which spews email spam. > > > > No

Re: How to tell if a Linux machine is a zombie?

2007-01-09 Thread Hugo Vanwoerkom
Russell L. Harris wrote: Yesterday I read another article bemoaning the large number of Window$ machines which have been commandeered remotely and turned into spam-spewing zombies. http://www.nytimes.com/2007/01/07/technology/07net.html where I read it Hugo If I understand the matter corre

RE: How to tell if a Linux machine is a zombie?

2007-01-09 Thread Paul Johnson
James Stevenson wrote: >> > > useful in this environment? >> > Many folks like that one. I use shorewall. You can always block >> > outgoing ports that you don't use. If you don't run an ftp server, block >> > port 20 and 21, etc. >> > >> That is why I really like the "default deny" mentality. Star

RE: How to tell if a Linux machine is a zombie?

2007-01-09 Thread Paul Johnson
James Stevenson wrote: >> If I understand the matter correctly, a firewall can protect only >> against incoming messages, and is useless against spyware which >> "phones home" or zombie-ware which spews email spam. > > Not totally correct. A firewall is only as good as the traffic that is > permi

RE: How to tell if a Linux machine is a zombie?

2007-01-08 Thread James Stevenson
> > > useful in this environment? > > Many folks like that one. I use shorewall. You can always block outgoing > > ports that you don't use. If you don't run an ftp server, block port 20 > > and 21, etc. > > > That is why I really like the "default deny" mentality. Start by > blocking all incoming a

Re: How to tell if a Linux machine is a zombie?

2007-01-08 Thread Roberto C. Sanchez
On Mon, Jan 08, 2007 at 02:51:38PM -0500, Kevin Mark wrote: > On Mon, Jan 08, 2007 at 01:13:01PM -0600, Russell L. Harris wrote: > > > > My LAN is protected by a machine running SmoothWall Express 2.0, > > acting as a firewall and router. Would an internal firewall package be > > useful in this e

RE: How to tell if a Linux machine is a zombie?

2007-01-08 Thread James Stevenson
> If I understand the matter correctly, a firewall can protect only > against incoming messages, and is useless against spyware which > "phones home" or zombie-ware which spews email spam. Not totally correct. A firewall is only as good as the traffic that is permitted to flow across it. If you wa

Re: How to tell if a Linux machine is a zombie?

2007-01-08 Thread John Hasler
Angelo Bertolli writes: > 2) If you have a hash of all the files (like tripwire provides) on some >media that was NOT compromised, you can check those. You must also boot from uncompromised media. -- John Hasler

Re: How to tell if a Linux machine is a zombie?

2007-01-08 Thread Håkon Alstadheim
Kamaraju Kusumanchi wrote: On Monday 08 January 2007 14:13, Russell L. Harris wrote: So, before I preach about the dangers of spyware and zombies to my buddies using Window$, how can I be certain that my own Debian machine has not been compromised and has not become a zombie? Is there a sim

Re: How to tell if a Linux machine is a zombie?

2007-01-08 Thread Angelo Bertolli
Russell L. Harris wrote: Yesterday I read another article bemoaning the large number of Window$ machines which have been commandeered remotely and turned into spam-spewing zombies. If I understand the matter correctly, a firewall can protect only against incoming messages, and is useless against

Re: How to tell if a Linux machine is a zombie?

2007-01-08 Thread Kamaraju Kusumanchi
On Monday 08 January 2007 14:13, Russell L. Harris wrote: > So, before I preach about the dangers of spyware and zombies to my > buddies using Window$, how can I be certain that my own Debian machine > has not been compromised and has not become a zombie? Is there a > simple test which I can run

Re: How to tell if a Linux machine is a zombie?

2007-01-08 Thread Kevin Mark
On Mon, Jan 08, 2007 at 01:13:01PM -0600, Russell L. Harris wrote: > Yesterday I read another article bemoaning the large number of Window$ > machines which have been commandeered remotely and turned into > spam-spewing zombies. > > If I understand th

Re: How to tell if a Linux machine is a zombie?

2007-01-08 Thread Giuseppe Marinelli
Russell L. Harris wrote: Yesterday I read another article bemoaning the large number of Window$ machines which have been commandeered remotely and turned into spam-spewing zombies. If I understand the matter correctly, a firewall can protect only against incoming messages, and is useless against