RE: [cobalt-users] IPCHAINS & Rules Settings
- Subject: RE: [cobalt-users] IPCHAINS & Rules Settings
- From: "Steven Young" <steven.young@xxxxxxxxxxxxxxx>
- Date: Fri Oct 25 17:30:00 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
> I tested everything; Pop3, SSH, FTP and HTTP were all working fine. I then
> did a port scan, which usually shows me all ports with a connection refused
> message (from PortSentry). This time my scan was blocked and all ports showed
> timed-out connections. The server was working fine and I was accessing pop3
> with no problem, BUT then after 15 minutes all services became unreachable. I
> mean checking email times out just like if the server is offline. Same goes
> for ssh. Ping responds OK. Websites browsing/loading slow! Then I rebooted
> the server to flush the IPCHAINS rules and now everything is back to normal.
>
> But I need to apply the IPCHAINS rules, and want to know what is wrong.
PortSentry is probably dropping you with ipchains when you portscan your
box (which is normal). You can set PortSentry to ignore your IP by
adding your IP to the portsentry.ignore file. You could also use
ipchains to accept all connections from your IP with a rule like:

    /sbin/ipchains -A input -s xxx.xxx.xxx.xxx/32 -d 0/0 -j ACCEPT

where xxx.xxx.xxx.xxx is the IP of the computer you're portscanning
from.
Steven
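
ipchains walks a chain from the top and stops at the first matching rule, so an ACCEPT for the scanning host only takes effect if it sits above any DENY that also matches it. The following is an added example, not part of the original message: it models that ordering over a constructed rule list; the addresses, the two-column rule format and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed model of an ipchains "input" chain: one rule per line,
# "<source>/<bits> <target>", listed in evaluation order.
# This is not real ipchains output and it changes no firewall state.

ip_to_int() {
    # Convert a dotted quad to a 32-bit integer.
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

in_net() {
    # in_net IP NET/BITS: succeeds if IP falls inside NET/BITS.
    ip=$(ip_to_int "$1")
    net=$(ip_to_int "${2%/*}")
    bits=${2#*/}
    [ "$bits" -eq 0 ] && return 0
    mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
    [ $(( ip & mask )) -eq $(( net & mask )) ]
}

first_match() {
    # first_match IP RULES: print the target of the first matching rule,
    # or POLICY when nothing matches and the chain policy would decide.
    hit=$(echo "$2" | while read -r src target; do
        if in_net "$1" "$src"; then echo "$target"; break; fi
    done)
    echo "${hit:-POLICY}"
}

# Constructed chains (documentation addresses). With -A the ACCEPT is
# appended below an existing DENY; with -I it is inserted above it.
DENY_FIRST="203.0.113.0/24 DENY
203.0.113.7/32 ACCEPT"
ACCEPT_FIRST="203.0.113.7/32 ACCEPT
203.0.113.0/24 DENY"

for ip in 203.0.113.7 203.0.113.8 198.51.100.9; do
    echo "$ip: DENY first -> $(first_match "$ip" "$DENY_FIRST")," \
         "ACCEPT first -> $(first_match "$ip" "$ACCEPT_FIRST")"
done
```

On a live box, `/sbin/ipchains -L input -n` lists the rules in the order they are evaluated, which is the order to check before relying on an appended ACCEPT.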