
Re: [cobalt-users] RaQ3 ipchains install help
At 09:47 AM 4/22/01 +0200, you wrote:

>But you found the Firewall-HOWTO
>(http://ldp.nllgg.nl/HOWTO/Firewall-HOWTO.html) and the IPCHAINS-HOWTO
>(http://ldp.nllgg.nl/HOWTO/IPCHAINS-HOWTO.html), right?

I found the second link but not the first... I found out one thing for
sure... it's not nice to play with mother firewall unless you're sure what
you're doing <knocking at door>hey.... let me in!!!<g>

>There has been talk about a script that was posted to this list some time
>ago; probably be4 I entered the list.

It would be nice to find that one. I did find one in the archives and it
really did work.. maybe too well? I'm still not sure I locked myself out
or.. as I've read ipchains will sometimes do.. locked up the machine..
either way... it was a painful 6 minutes till the server guys hit the
button for me.. It was neat seeing the machine disappear off the net for
everything other than the services I wanted seen.. But there were a lot of
error messages when I loaded the script and SMTP was not working.. sooooo
back to the drawing board.. 

>http://www.openna.com/books/book.htm is a great book on Linux (RedHat
>specific) security in general. <snip> It has some great pointers on
>configuring ipchains. I've been using that

Will have to look into that.. I'm actually surrounded by people who know
this stuff pretty well and have a friend who is one of the "renowned"
security experts in the field.. but.. they want me to learn it... so offer
advice.. not configuration.. Suppose in long run this is good.. but.. I'm
just a lowly writer/photographer.. geez... <whine>this stuff is
haaaarrrddddd</whine> 

>Biggest problem with the firewall scripts I've seen is that these do not
>take into account the ability to add more IP addresses to a Linux box at any
>given time. There's a quick fix to provide that feature. Next big problem is
>that the Active Monitor keeps on flashing... ;-)

That won't be a problem for me, for now.. (name based server, single ip)
but could be down the road.. 

>I'd be interested in your findings on Tripwire. Haven't come around to it
>yet.

LOL.. I'm sure I'll be whining here for help... or crowing about success..
either one <g> One piece of advice I got on that one was to keep the files
"off-server" so they can not be changed by the bad guys... noticed that in
the intro for the file also... prolly good idea.. in fact.. I think I'll
keep all the server files here on my huge workstation HD!!!... aahh...
shooot.. that won't work <back to drawing board>

>It's good to be paranoid when everyone's out to get you! :-)

Yeppers.. from the amount of hits logcheck throws at me via portsentry.. and
the amount of hits I get on my workstation firewall.. it seems that way!!

I will keep the list advised of my success/failure on the "armouring" of
the little blue box... 

Wayne
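The two practical points raised in this exchange, a firewall script that silently breaks when another IP alias is added to the box, and a rule load that locks the admin out until someone hits the power button, can both be handled in the script itself. The following is an added example and is not a script from this thread or from the list archives; it generates ipchains rules from whatever addresses the box currently has, and arms a timed revert so a bad rule set undoes itself. It assumes ipchains-era ifconfig output (a constructed sample is embedded so it runs without root or ipchains), and the allowed TCP ports and the revert timeout are hypothetical values you would set yourself.

```shell
#!/bin/sh
# Added example, not code from the cobalt-users thread.
# 1. Derive the address list from the interfaces so new IP aliases are
#    covered without editing the script.
# 2. Emit the ipchains commands as text for review before running them.
# 3. Load them with a timed auto-revert so a mistake cannot lock you out.

# Constructed sample of `ifconfig` output (assumption: 2.2-era format).
# On a real box replace this with: SAMPLE_IFCONFIG="$(/sbin/ifconfig)"
SAMPLE_IFCONFIG='eth0      Link encap:Ethernet  HWaddr 00:10:E0:00:00:01
          inet addr:192.0.2.10  Bcast:192.0.2.255  Mask:255.255.255.0
eth0:1    Link encap:Ethernet  HWaddr 00:10:E0:00:00:01
          inet addr:192.0.2.11  Bcast:192.0.2.255  Mask:255.255.255.0
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0'

# Print every "inet addr:" except loopback, one per line.
local_addrs() {
    printf '%s\n' "$1" | sed -n 's/.*inet addr:\([0-9.]*\).*/\1/p' | grep -v '^127\.'
}

# Emit ipchains commands for the given addresses ($1) and TCP ports ($2).
# Policy: deny by default, allow loopback, allow the listed services on each
# local address, allow non-SYN packets (replies to our own connections),
# and log whatever falls through to the final deny.
gen_rules() {
    addrs="$1"; ports="$2"
    echo "ipchains -F input"
    echo "ipchains -P input DENY"
    echo "ipchains -A input -i lo -j ACCEPT"
    for a in $addrs; do
        for p in $ports; do
            echo "ipchains -A input -p tcp -d $a $p -j ACCEPT"
        done
        echo "ipchains -A input -p tcp ! -y -d $a -j ACCEPT"
    done
    echo "ipchains -A input -l -j DENY"
}

# Anti-lockout: start a background timer that flushes the chain and resets
# the policy to ACCEPT after $2 seconds (default 300). Once you have confirmed
# you can still log in, kill $REVERT_PID to keep the new rules.
apply_with_revert() {
    rules="$1"; revert_secs="${2:-300}"
    ( sleep "$revert_secs" && ipchains -F input && ipchains -P input ACCEPT ) &
    REVERT_PID=$!
    printf '%s\n' "$rules" | sh
    echo "Rules loaded; auto-revert in ${revert_secs}s (kill $REVERT_PID to keep them)"
}

# Stand-alone run: show the rules that would be loaded for ssh/smtp/http.
# (Assumed ports; apply_with_revert is only called on a real box, as root.)
ADDRS=$(local_addrs "$SAMPLE_IFCONFIG")
gen_rules "$ADDRS" "22 25 80"
```

The rule text is deliberately printed rather than executed so it can be read over first; SMTP not working after a load, as happened above, shows up immediately as a missing `-d <addr> 25` line. The `! -y` rule is what lets the box's own outbound connections get their replies back under a deny-by-default policy.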