> hi ya tom...
> let's see... a fully loaded question ya posed...
> you can run nmap from various online web-based testers
Like I mentioned, my situation is a bit different: I can't scan my
host from outside because I am behind a firewall from my ISP,
then the next one is mine. For example, I can't connect straight to my
box because I am in a private net of my ISP and then go via his machine to
the internet, so this way I am not sure if I scan properly....
but if you scan my host you will actually scan my ISP server :)
> for the firewall ...
> - it should be running a "secure linux/bsd distro"
> and only ipchains....
> ( some might wanna run dns on it too...but...
it is my home firewall, so I want to use it to
send & receive mail,
and NAT for the rest of the network
> - iptables belong on the firewall in your pic below..
> not with the router
> for the rest of your systems..
> - no telnet is ever needed .. ( well, mostly not...
sometimes I have to telnet from Windows to my box, from inside the network,
if my Linux box is not on, otherwise I use ssh
> - smtp is only needed on the machine to send/receive emails...
> turn it off otherwise...
> - "domain" is only needed on the primary and secondary dns
> for your domain ... turn it off otherwise
I can't find how to turn domain off :>>>>>>
I removed the rest without problems but domain is a tricky one ;)
but what about the filtered and open stuff from nmap? how does that work?
I have a firewall but when I scan I have open ports,
how can I make them filtered? and if I make them filtered can I use them?
thank you for help :)))
- Re: firewall
- From: Alvin Oga <aoga@Maggie.Linux-Consulting.com>