Been reading up on my spare time (did read
the ipchain, net and a few other howtos), but I still am a total newbie:)
Got some question on how to "put your suggestions to work". Also if anyone has a
link on how to use -REDIRECT, plz provide:)
"For a firewall machine,
I'd not only comment them out, but install TCP_wrappers and deny all connections
to the firewall from the internet. (/etc/hosts.deny , syntax is in the man
page for hosts.deny)"
"Why not uninstalling these
services?"
Ok, what are TCP_wrappers? And how would I
go about uninstalling services? Also what services do I need to keep for a
basic firewall?
"What I usually do is put my ipchains rules in a file called
ipchains.sh and execute it at the end of my rc.local
script."
"A good
solution is to create a init script, put it in /etc/init.d/ and create the init
links (for example with update-rc.d)."
Haven't found an HOWTO on scripting, is
there one? Or could you "walk me through it", if not to long? I assume
ipchains.sh is simply a sequence of command, but I have no clue how to set
up rc.local. What are init links?
"Depends on what you're capturing the traffic with. Did you plan on
using something in
particular? " Wasn't planning on using anything in
particular. Just want the output to be written to some text file. I know it's
written to a file called messages right now, but this file is not specific for
ipchains.
A new
question:
-What is the port number for smtp,
pop3, www and DNS on my firewall, not on the remote server? And do these
port numbers change depending on the local hosts which is accessing the
"net"?
|