Re: All these open ports
--- email@example.com wrote:
> On Mon, 23 Aug 2004 13:05:00 +0800, "Katipo" <firstname.lastname@example.org>
> > >In any case, I've as yet been unable to find any way of getting
> > >detection and authorization of outgoing requests with any
> > >of the Linux firewalls, or with IPtables - although I can hardly say
> > >that
> > >I've thoroughly done my homework
> > >
> > Even firestarter provides some degree of configurability in this
> It will block ports on an individual basis, if you can identify
> them as needing to be blocked - but AFAIK the iptables script it sets
> defaults to forwarding all requests from internal processes. (If I'm
Like the FW communicating with the system? This is not lightly setup,
thought a netstat could fetch(ony what's going on when it's run) this
There is a system where the FW can look at the user and name of the
program, but this likely is not what your talking aobut.
> wrong about that, or if there is some way to get it even to flag
> access attempts by newly spawned processes, I'd like to know about
Like iptables -A OUTGOING -m state -state NEW -j log? Like I said you can
have the User:ID and program name printed as well, I think? If not you
could have syslogd trip of a "netstat -p" run and have that e-maild to
> > Asking in the right place helps.
> > A number of people here would have the answers you're looking for, but
> > Debian has a firewall list.
> Yes - I asked about that earlier. I posted to the firewall list
> in fact, and got no response at all. Additionally, there is a lot of
> traffic on here other than my own, WRT firewall and iptables subjects.
> I'll cross-post this to the firewall list, but I'm really getting the
> impression it doesn't get used much... maybe I'm wrong, but I'm signed
> up on it and don't see as much traffic on there as I do about firewall
> on the "users" list.
I can assure you that where here, just recently we setup a wiki.
http://wiki.debian.net/index.cgi?Firewalls, feel free to add your
experties with Linux and/or Debian Fierwalls there. I would love to read
about your ideal settup.
> > Itt might be an idea to check out apps like tinyhoneypot amongst
> > also.
> Thanks... I'll do that - it sounds like there's at least one area I
> explored yet...
> > >(Okay, now, everybody yell in unison: "WELL GO RUN WINDOWS THEN!!!")
> > >
> > >
> > Failing that, go run windows.
> Why, thank you. I needed that. (But not to worry, I'm on my way out of
> Billyworld permanently, one way or the other, difficulties
> To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
Do you Yahoo!?
Win 1 of 4,000 free domain names from Yahoo! Enter now.