Re: Firewall (Linux new-comer)

["Eric G . Miller" <egm2@jps.net>]

On Thu, Oct 12, 2000 at 09:07:04AM +0200, Matthias Mann wrote:
> Hi people!
> 
> I´m sitting on a single computer. Yesterday i´ve read the firewall-HOWTO and
> was very confused cause there are examples for a network system. Is there
> any possibility to build a firewall or other usefull security systems for my
> machine? I like to use netscape navigator to have fun and for my work at
> internet. And i don´t like that others have access to my computer. Wich
> packages of Debian 2.2 potato  should i use for this purpose? Or is there
> some better software available of other developers?
> 
> Have a lucky day!

Here's a small ipchains rule list for a dial-up (note: There's no
telnetd, ftpd, portmapper, fingerd, popd, imapd, or just about anything
else listening...).

:input ACCEPT
:forward REJECT 
:output ACCEPT
:ppp-in -
:ppp-out -
-A input -i ppp0 -j ppp-in
-A output -i ppp0 -j ppp-out
-A ppp-in -p tcp --destination-port 25 -j REJECT
-A ppp-in -p udp --destination-port 25 -j REJECT
-A ppp-in -p tcp --destination-port 80 -j REJECT
-A ppp-in -p udp --destination-port 80 -j REJECT
-A ppp-in -p tcp --destination-port 110:113 -j REJECT
-A ppp-in -p udp --destination-port 110:113 -j REJECT
-A ppp-in -p tcp --destination-port 137:139 -j REJECT
-A ppp-in -p udp --destination-port 137:139 -j REJECT
-A ppp-in -p tcp --destination-port 6000 -j REJECT
-A ppp-in -p udp --destination-port 6000 -j REJECT
-A ppp-in -p tcp --destination-port 7100:7101 -j REJECT
-A ppp-in -p udp --destination-port 7100:7101 -j REJECT
-A ppp-in -p tcp --destination-port 5432 -j REJECT
-A ppp-in -p udp --destination-port 5432 -j REJECT
-A ppp-in -p tcp --destination-port 27374 -j REJECT
-A ppp-in -p udp --destination-port 27374 -j REJECT


Use: $ ipchains-restore < /etc/ipchains.rules


-- 
/bin/sh ~/.signature:
Command not found