That's what I mean by nasty... Retaliation (albeit mild). That's the
way to go IMHO. Just haven't had the time to automate one.
On Sun, 20 Jan 2002 23:31:23 -0500
Douglas J Hunley [EMAIL PROTECTED] wrote:
Matthew Carpenter babbled on about:
I've done a bit of civil using the standard
On Thu, Jan 24, 2002 at 01:40:09PM -0500, Matthew Carpenter wrote:
That's what I mean by nasty... Retaliation (albeit mild). That's the
way to go IMHO. Just haven't had the time to automate one.
One of our ISP customers was being mail bombed from an ISP, and when I
called their technical
Myles Green babbled on about:
Is that in your script Doug? If so, I'm gonna give it a whirl 'cause
I've got 6 or 7 IIS ...errm.. Users... contributing to excessively large
http_access logs =(
nope. the code for that is in the archives of this list over at
mail-archive.com
if it's just
On Tue, 22 Jan 2002 10:51:03 -0500
Douglas J Hunley [EMAIL PROTECTED] wrote:
Myles Green babbled on about:
Is that in your script Doug? If so, I'm gonna give it a whirl 'cause
I've got 6 or 7 IIS ...errm.. Users... contributing to excessively
large http_access logs =(
nope. the code for
On Wed, 16 Jan 2002 13:02:03 -0500
Douglas J Hunley [EMAIL PROTECTED] wrote:
actually, I prefer to let the hits in, as I have things in place to trap them
and .. uh.. deal with the offending machine g
Are we talking about civil or nasty modes?
I've done a bit of civil using the standard
Lavinius Romio Petru babbled on about:
So far so good, but you can be using --sport too to only allow
connections from privileged ports, and I also played with something like
this
/sbin/iptables -I INPUT -i eth0 -p tcp
-m string --string 'cmd.exe' -j REJECT --reject-with tcp-reset
example? where in this code would it go? advantages? disadvantages?
This is fun. Too bad my ISP has blocked port 80.
And I also failed to patch kernel 2.4.17 with the patch-o-matic.
Might be more fun to make the target -j MIRROR and send the request back
where it came from.
--
The pivotal
I just tried make patch-o-matic from iptables-1.2.4 to
/usr/src/linux-2.4.17.
There were about 5 test failures during the patching of kernel, and I
chose N after that not to apply the failed patch. I also could not
compile the kernel after the patching process after make menuconfig
No. The last one was posted by me. It's really rudimentary, and has
gotten some nice remarks from Mr. Bandel.
I didn't go over with a fine tooth comb, and I'm not
anything near a guru. Is this the same thing you posted
a day or so back or are there changes to it this run around?
--
So far so good, but you can be using --sport too to only allow
connections from privileged ports, and I also played with something like
this
/sbin/iptables -I INPUT -i eth0 -p tcp --tcp-flags ACK ACK --dport 80 \
-m string --string 'cmd.exe' -j REJECT --reject-with tcp-reset
and add it permanent
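An added example, not Doug's script from the list archives and not anything Lavinius or anyone else posted in this thread: the log-side half of the "trap the hits and deal with the offending machine" idea. The string match above rejects a probe packet as it arrives; this script instead reads an Apache-style access log, picks out the hosts sending Code Red / Nimda style IIS probes (the cmd.exe and default.ida requests that were filling people's http_access logs), and emits one iptables DROP rule per offending source. Assumptions that are mine, not the thread's: Common Log Format lines, the three request signatures in the grep, eth0 as the outside interface, and the sample log lines, which are constructed (RFC 5737 documentation addresses), not real traffic. The rules are only printed, never applied.

```shell
#!/bin/sh
# Added example (not from the list archive): block hosts that probe an
# Apache server with IIS worm requests, based on the access log.
# Assumed signatures: cmd.exe / root.exe (Nimda, sadmind/IIS) and
# default.ida (Code Red). Assumed interface: eth0.

# Constructed sample log lines (Common Log Format) so the script runs
# offline; these are not real traffic.
SAMPLE_LOG='192.0.2.10 - - [17/Jan/2002:10:01:02 -0500] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 293
192.0.2.10 - - [17/Jan/2002:10:01:03 -0500] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 293
198.51.100.7 - - [17/Jan/2002:10:05:44 -0500] "GET /index.html HTTP/1.1" 200 1832
203.0.113.25 - - [17/Jan/2002:11:20:09 -0500] "GET /default.ida?XXXX...%u9090%u6858 HTTP/1.0" 404 293
192.0.2.10 - - [17/Jan/2002:11:21:00 -0500] "GET /_vti_bin/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 293'

# probe_sources: read log lines on stdin, print each probing source
# address once together with its hit count, sorted by address.
# A log with no probes produces no output (the grep simply matches nothing).
probe_sources() {
    grep -E 'cmd\.exe|root\.exe|default\.ida' \
    | awk '{ hits[$1]++ } END { for (ip in hits) print ip, hits[ip] }' \
    | sort
}

# worm_rules: turn the probe_sources list into iptables commands and print
# them. Nothing is executed here; review the output, then run it as root.
# Only port 80 from the probing host is dropped, not all of its traffic.
worm_rules() {
    probe_sources | while read ip count; do
        printf '/sbin/iptables -I INPUT -i eth0 -p tcp --dport 80 -s %s -j DROP  # %s probes\n' \
            "$ip" "$count"
    done
}

# Stand-alone demo: ./worm_rules.sh --demo   (or: worm_rules < /var/log/httpd/access_log)
if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$SAMPLE_LOG" | worm_rules
fi
```

Two caveats a practitioner would want here. Blocking a source taken from your own log is the safe end of the "civil or nasty" range: the probing host is one that completed a TCP handshake to you, so the address is real. -j MIRROR sends the packet back to whatever source address is on it, which on an infected third party's machine is just more traffic at a victim, and a forged source would have you reflecting traffic at someone who never contacted you. Also note that -m string inspects one packet at a time, so a request whose URL straddles a segment boundary is not matched; a log-driven rule like the one above catches those too, at the cost of acting after the first hit rather than before it.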
yes. translation error. sorry.
No, I said `make patch-o-matic` gives you more stuff, including alpha
code. This may not be the best depending on your comfort level.
I've always just done 'make pending-patches' followed by 'make' and
then 'make install'
--
The pivotal point is the
On Sat, 12 Jan 2002 21:29:30 +1000
Lavinius Romio Petru [EMAIL PROTECTED] spewed into the bitstream:
So far so good, but you can be using --sport too to only allow
connections from privileged ports, and I also played with something like
this
/sbin/iptables -I INPUT -i eth0 -p tcp --tcp-flags
On Thu, 10 Jan 2002 19:30:45 +0800
Chang [linuxism] [EMAIL PROTECTED] spewed into the
bitstream:
do I need to make pending-patches before make patch-o-magic?
The INSTALL/README seemed to suggest that...
No.
The pending-patches is a very small subset of patch-o-matic (not
patch-o-magic).
Now I am getting adventurous... what should I do to get the patch
applied? Also, I didn't see the string target match option in make
menuconfig... kernel is 2.4.17
-===
Welcome to Rusty's Patch-o-matic!
Each patch is a new feature: many have minimal impact, some do not.
Almost every one has
run `make patch-o-matic` in the
iptables directory. You will not get it with make pending-patches or make
most-of-pom.
Ciao,
David A. Bandel
-===
Welcome to Rusty's Patch-o-matic!
Each patch is a new feature: many have minimal impact, some do not.
Almost every one has bugs, so I don't
Is my iptables ok? I wanted to submit it indeed... :)
--
The pivotal point is the second chance, judged by another set of
criteria.
In Linux We Trust -- http://linux.nf and news://news.hkpcug.org
#!/bin/sh
# bibliography:
#
# 1. Taming the Wild Netfilter, Sept 2001, http
On Sun, 06 Jan 2002 16:14:28 +0800
Chang [EMAIL PROTECTED] spewed into the bitstream:
Is my iptables ok? I wanted to submit it indeed... :)
--
The pivotal point is the second chance, judged by another set of
criteria.
In Linux We Trust -- http://linux.nf and news://news.hkpcug.org
the iptables things.
The saving grace is that while being more powerful, Netfilter by default
doesn't allow new connections from outside (if you're using the state
table).
For those who enjoyed my basic Netfilter article, I'll have another
(more
advanced) article RSN.
what's the URL
others are doing the iptables things.
The saving grace is that while being more powerful, Netfilter by default
doesn't allow new connections from outside (if you're using the state
table).
For those who enjoyed my basic Netfilter article, I'll have another
(more
advanced) article RSN
want open and to whom. that I can probably
implement.
I just wanted to see what this list thought was decent starting points
to
examine how others are doing the iptables things.
The saving grace is that while being more powerful, Netfilter by default
doesn't allow new connections from outside
Looking at Freshmeat, I see like 50 different firewall scripts (iptables
based). What are you guys using?
rc.firewall?
shorewall?
mon mothma?
others?
thanks!
--
Douglas J Hunley (doug at hunley.homeip.net) - Linux User #174778
Admin: Linux StepByStep - http://linux.nf
What am I?... Flypaper
On January 03, Douglas J Hunley enlightened our ignorance thusly:
Looking at Freshmeat, I see like 50 different firewall scripts (iptables
based). What are you guys using?
rc.firewall?
shorewall?
mon mothma?
others?
thanks!
Personally, I prefer the ones used in the iptables-HOWTO
all defaults as deny.)
This method is all I have used for several years to keep my firewall working just
fine.
Looking at Freshmeat, I see like 50 different firewall scripts (iptables
based). What are you guys using?
rc.firewall?
shorewall?
mon mothma?
others?
thanks!
--
Douglas J
On Thursday 03 January 2002 18:06 pm, Douglas J Hunley wrote:
Looking at Freshmeat, I see like 50 different firewall scripts (iptables
based). What are you guys using?
rc.firewall?
shorewall?
mon mothma?
others?
thanks!
SuSE's firewall2
On Thursday 03 January 2002 18:28 pm, Joel Hammer wrote:
I would STRONGLY urge you not to use any script for your security.
Scripts are basically black boxes. You can't rely on a black box. You have
to know about security.
I would learn to set up some ipchains rules, or get a set of rules
ipchains script is even up on the
SxS. But I wanted something to look at for iptables. Helps me figure it out..
--
Douglas J Hunley (doug at hunley.homeip.net) - Linux User #174778
Admin: Linux StepByStep - http://linux.nf
panic(huh?\n);
2.2.16 /usr/src/linux/arch/i386/kernel/smp.c
I still use them, so, they're not entirely dead. You can configure tcpd
wrappers with your firewall. Since you can spawn scripts with tcpd
wrappers when certain events occur, you can have very tight control over
security.
I think that changing technologies/software every time you
want a new
On Thu, 3 Jan 2002 18:06:52 -0500
Douglas J Hunley [EMAIL PROTECTED] spewed into the bitstream:
Looking at Freshmeat, I see like 50 different firewall scripts (iptables
based). What are you guys using?
rc.firewall?
shorewall?
mon mothma?
others?
I have firewalls in a number of places
control over
security.
tcp wrappers is good, but limited -- mostly by what it can watch (TCP, but
not UDP, connections).
iptables is maturing rapidly and quite well. Some things you'll find in
the `make patch-o-matic` target include: port scan detection, NETLINK
target support, strings support
good starting points.
I already know ipchains inside and out. My ipchains script is even up on
the SxS. But I wanted something to look at for iptables. Helps me figure it
out..
When I was running eD2.4, I knew how ipchains worked although I still
used a script to implement them.
But I
On Thu, 3 Jan 2002 18:06:52 -0500
Douglas J Hunley [EMAIL PROTECTED] wrote:
Looking at Freshmeat, I see like 50 different firewall scripts
(iptables based). What are you guys using?
rc.firewall?
shorewall?
mon mothma?
others?
I'm using 'narc' available here:
http://www.knowplace.org/dl
was decent starting points to
examine how others are doing the iptables things.
For those who enjoyed my basic Netfilter article, I'll have another (more
advanced) article RSN.
what's the URL of the previous article? also, post the new URL when it goes
online please. thanks!
--
Douglas J Hunley
insmod: a module named ip_tables already exists
iptables v1.1.2: Couldn't load match
`string':/usr/lib/iptables/libipt_string.so: cannot open shared object file:
No such file or directory
Try `iptables -h' or 'iptables --help' for more information.
where do I get this module?
Regards
Sorry for the delay in posting, but I finally got around to resubscribing
after the linux.nf crash. Good to hear it's got a robust piece of
hardware running it. I was reading the list from the archives on the
website and wanted to respond to this topic.
I've also searched for a conversion