Re: firewall
Tom Breza <tom@PCService-NET.co.uk> writes:
> I have been installing a firewall on iptables, and I have a few questions;
> my situation is a bit specific.
> I am connected to the internet something like this:
>
> my network|-------+eth0 Router ppp0+----+ISP Firewall+------INTERNET
>           |       |with iptables   |
>
> I put the firewall on iptables on the router, a Linux box with Debian, but I can
> scan only via nmap from inside the network or from the router interface ppp0 to
> see what ports I have open,
[snip]
If you've had a box live on the Net with portmap, DNS and lpd listening
wide for all to scan, I'd seriously worry about it being cracked already. A
machine running these services is not a firewall. (No, I don't care about
it only being on the end of a ppp dialup link; I've connected to an ISP for
the first time ever and had a scan within 30s, to a dynamic IP block; you
may now panic, or more profitably, audit your machine.)
In any case, you don't want to go around `closing ports' left right &
centre: that is no way to build a firewall policy either. DROP all by
default, and open what you need.
For further reading, look at the comp.os.linux.security FAQ at
<http://www.linuxsecurity.com/docs/colsfaq.html>, and indeed all the
resources at <http://www.linuxsecurity.com/> and
<http://www.linux-firewall-tools.com/linux/>.
ObPlug: my iptables.sh start-point for a firewall is to be found at
<http://spodzone.org.uk/packages/secure/iptables.sh>.
~Tim
--
Bagpuss gave a big yawn, |piglet@stirfried.vegetable.org.uk
and settled down to sleep. |http://spodzone.org.uk/
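As an added illustration of the "DROP all by default, and open what you need" policy Tim recommends (this is example code, not Tim's iptables.sh and not from the original thread), the script below generates a ruleset in iptables-restore format. The interface names (ppp0 to the ISP, eth0 to the LAN), the internal subnet and the port list are assumptions chosen to match Tom's diagram; adjust them before use.

```shell
#!/bin/sh
# Added example: build a default-DROP iptables ruleset for a dial-up router.
# Interface names and the LAN subnet are assumed values, not from the thread.
WAN_IF="${WAN_IF:-ppp0}"               # assumed: ISP-facing link
LAN_IF="${LAN_IF:-eth0}"               # assumed: internal network interface
LAN_NET="${LAN_NET:-192.168.1.0/24}"   # assumed: internal subnet (constructed)

# Print a complete *filter table for iptables-restore. Every chain's policy
# is DROP; only the traffic listed here is ACCEPTed.
# $1: space-separated TCP ports the LAN may reach on the router itself.
gen_rules() {
    lan_tcp_ports="$1"
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT DROP [0:0]"
    # Loopback is always allowed.
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A OUTPUT -o lo -j ACCEPT"
    # Replies to connections the router or the LAN opened.
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Packets arriving from the ISP that claim an internal source are spoofed.
    echo "-A INPUT -i $WAN_IF -s $LAN_NET -j DROP"
    echo "-A FORWARD -i $WAN_IF -s $LAN_NET -j DROP"
    # The router may originate its own connections.
    echo "-A OUTPUT -m conntrack --ctstate NEW -j ACCEPT"
    # LAN hosts may go out through the router.
    echo "-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -m conntrack --ctstate NEW -j ACCEPT"
    # Services on the router reachable from the LAN only; nothing is opened on ppp0,
    # so portmap, DNS or lpd listening on the box are not exposed to the Net.
    for p in $lan_tcp_ports; do
        echo "-A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Rate-limited log of what falls through to the DROP policy, so scans are visible.
    echo "-A INPUT -m limit --limit 5/min -j LOG --log-prefix \"iptables-drop: \""
    echo "COMMIT"
}

# Sanity check: number of INPUT rules that ACCEPT anything arriving on the WAN
# interface. For a router that exposes no services to the Net this must be 0.
wan_accepts() {
    gen_rules "$1" | grep -c -- "-A INPUT -i $WAN_IF .*-j ACCEPT" || true
}
```

Usage: `gen_rules 22 > /etc/iptables.rules` and then `iptables-restore < /etc/iptables.rules` as root; `wan_accepts 22` should print `0`. Load the rules from a console, not over the link you are filtering, and verify from outside with a port scan of your own address that only the expected ports answer.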