[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: All these open ports

--- listcomm@ml1.net wrote:

> On Mon, 23 Aug 2004 13:05:00 +0800, "Katipo" <katipo@weavers-web.org>
> said:
> > >In any case, I've as yet been unable to find any way of getting
> > >detection and authorization of outgoing requests with any
> > >of the Linux firewalls, or with IPtables - although I can hardly say
> > >that
> > >I've thoroughly done my homework
> > >
> > Even firestarter provides some degree of configurability in this
> respect.
> It will block ports on an individual basis, if you can identify
> them as needing to be blocked - but AFAIK the iptables script it sets
> up,
> defaults to forwarding all requests from internal processes.  (If I'm
Like the FW communicating with the system?  This is not lightly setup,
thought a netstat could fetch(ony what's going on when it's run) this
There is a system where the FW can look at the user and name of the
program, but this likely is not what your talking aobut.

> wrong about that, or if there is some way to get it even to flag
> outgoing
> access attempts by newly spawned processes, I'd like to know about
> it...)
Like iptables -A OUTGOING -m state -state NEW -j log?  Like I said you can
have the User:ID and program name printed as well, I think?  If not you
could have syslogd trip of a "netstat -p" run and have that e-maild to

> > Asking in the right place helps.
> > A number of people here would have the answers you're looking for, but
> > Debian has a firewall list.
> Yes - I asked about that earlier.  I posted to the firewall list
> earlier,
> in fact, and got no response at all.  Additionally, there is a lot of
> traffic on here other than my own, WRT firewall and iptables subjects.
> I'll cross-post this to the firewall list, but I'm really getting the
> impression it doesn't get used much...  maybe I'm wrong, but I'm signed
> up on it and don't see as much traffic on there as I do about firewall
> on the "users" list.
I can assure you that where here, just recently we setup a wiki. 
http://wiki.debian.net/index.cgi?Firewalls, feel free to add your
experties with Linux and/or Debian Fierwalls there.  I would love to read
about your ideal settup.

> > Itt might be an idea to check out apps like tinyhoneypot amongst
> others, 
> > also.
> Thanks... I'll do that - it sounds like there's at least one area I
> haven't
> explored yet...
> > >(Okay, now, everybody yell in unison:  "WELL GO RUN WINDOWS THEN!!!")
> > >  
> > >
> > Failing that, go run windows.
> Why, thank you.  I needed that.  (But not to worry, I'm on my way out of
> Billyworld permanently, one way or the other, difficulties
> notwithsatanding...)
> -- 
> To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org

Do you Yahoo!?
Win 1 of 4,000 free domain names from Yahoo! Enter now.

Reply to: