Re: firewall

> hi ya tom...
Hi :)))

> let's see... a fully loaded question ya posed...
> you can run nmap from various online web-based testers
> 	http://www.Linux-Sec.net/Audit/nmap.test.gwif.html

Like I mentioned, my situation is a bit different: I can't scan my
host from outside because I am behind a firewall from my ISP,
then the next one is mine. For example, I can't connect straight to my
box because I am in a sort of private net of my ISP, then go via his machine to
the internet, so I am not sure if I scan properly....
But if you scan my host you will actually scan my ISP server :)

> for the firewall ... 
> 	- it should be running a "secure linux/bsd distro"
> 	and only ipchains....
> 	( some might wanna run dns on it too...but...
It is my home firewall, then I want to use it to
send & receive mail,
and NAT for the rest of the network

> 	- iptables belong on the firewall in your pic below..
> 	not with the router

> 	http://www.Linux-Sec.net/distro.gwif.html#hardened
> for the rest of your systems..
> 	- no telnet is ever needed .. ( well, mostly not...
Sometimes I have to telnet from Windows to my box, from inside of the network,
if my Linux box is not on; otherwise I use ssh

> 	- smtp is only needed on the machine to send/receive emails...
> 	turn it off otherwise...

> 	- "domain" is only needed on the primary and secondary dns 
> 	for your domain ... turn it off otherwise
I can't find how to turn off domain :>>>>>>
I removed the rest without problems but domain is a tricky one ;)

But what about the filtered and open stuff from nmap? How does that work?
I've got a firewall, but when I scan I have open ports.
How can I make them filtered? And if I make them filtered, can I use them
like normal??!?!?!?!

Thank you for help :)))


