Re: worm infection on linux host ? was: port 80 access while downloading over ppp ?

To: debian-laptop@lists.debian.org
Cc:
Subject: Re: worm infection on linux host ? was: port 80 access while downloading over ppp ?
From: Blars Blarson <blarson@blars.org>
Date: Fri, 11 Jul 2003 11:20:39 -0700
Message-id: <[🔎] 200307111820.h6BIKdoc029415@renig.nat.blars.org>
In-reply-to: <[🔎] 200307110024.58629.Michael.Wordehoff@gmx.de>
References: <[🔎] 200307102339.04440.Michael.Wordehoff@gmx.de> <[🔎] 200307101406.29932.Michael.Wordehoff@gmx.de> <[🔎] Pine.LNX.4.55.0307101619210.31339@zuklin05.desy.de> <[🔎] 200307102339.04440.Michael.Wordehoff@gmx.de>

In article <[🔎] 200307110024.58629.Michael.Wordehoff@gmx.de> 
Michael.Wordehoff@gmx.de writes:
>Am Donnerstag, 10. Juli 2003 22:18 schrieb Blars Blarson:
>> iptables -A INPUT -p tcp --dport 80 -s ! 127.0.0.1 -j DROP
>...dropping anything tcp on port 80 but from 127.0.0.1 ?

Yes.

>Somehow I get confused - what port is used to connect to LAN via eth0 ?

Port 80 is the http.  Interface eth0 would be -i eth0 for input,
-o eth0 for output.

You realy need to read some iptables documentation before using it.

>If apache is started by inetd over tcpd, would it be be enough to configure 
>/etc/hosts.allow and deny ?

Probably.  I have more experience with iptables.

>Though i really like commands more than that -  is there a usable linux GUI ?

Not that I know of.  Most attempts try to make things easy for the
user by omitting many needed features.

My boss would like to see one.  He can't understand why I prefer
editing control files to hunting through the many levels of menus it
would take to do the same thing.  Let me know if you find something
that can handle all the iptables options, and lets me do what I can
controling the details of interface configuration and routing with the
ip command.  (ifconfig and route make assumptions that arn't always
true.)

>I mean, for a whole suite of security configurations.
>( i know linuxconfig, but this is not very security-specific.

linuxconfig as used on redhat is very broken.  If any program on
Debian trounced my config files like that I'd be filing serious bugs.

>( I shall lookup webmin, i guess)
-- 
Blars Blarson			blarson@blars.org
				http://www.blars.org/blars.html
"Text is a way we cheat time." -- Patrick Nielsen Hayden

Reply to:

Follow-Ups:
- Re: worm infection on linux host ? was: port 80 access while downloading over ppp ?
  - From: Krisztian Mark Szentes <office@lsa.at>

References:
- worm infection on linux host ? was: port 80 access while downloading over ppp ?
  - From: mi <Michael.Wordehoff@gmx.de>
- port 80 access while downloading over ppp ?
  - From: mi <Michael.Wordehoff@gmx.de>
- Re: port 80 access while downloading over ppp ?
  - From: debianlaptop@ferrando.co.uk
- Re: worm infection on linux host ? was: port 80 access while downloading over ppp ?
  - From: mi <Michael.Wordehoff@gmx.de>

Prev by Date: Re: ide CD Bruner
Next by Date: Re: worm infection on linux host ? was: port 80 access while downloading over ppp ?
Previous by thread: Re: worm infection on linux host ? was: port 80 access while downloading over ppp ?
Next by thread: Re: worm infection on linux host ? was: port 80 access while downloading over ppp ?
Index(es):
- Date
- Thread