Re: Firewall tutorial

To: debian-user@lists.debian.org
Subject: Re: Firewall tutorial
From: David Gardi <debian@gardisoft.org>
Date: Thu, 27 Dec 2001 17:26:27 +0100
Message-id: <[🔎] 3C2B4BB3.5060804@gardisoft.org>
References: <[🔎] 0112280309100D.26561@localhost.localdomain>

Penguin wrote:

I am a complete beginner to firewalls, I would like to know if they can dothese things:
- record history of packets grouping by port number, TCP or UDP (orwhatever?), data size if any, and any suspicious things like ICMP flood.

It starts recording the moment you tell it to, so it won't be able tofetch the "history of packets".I'm sure you'd be able to find some script (probably perl) that willsort out packet filtering logs for you.. else just write one yourself,quite simple.

- record the actual data as a packet sniffer for a PPP link (my dialupmodem). I am suspicious of what's going on. I want to see ALL that stuffmoving over my link, printing it to a file or perhaps sending it to myPostgreSQL db in tables where I can select by PASS: USER: etc etc and ofcourse just inspect the raw data.

Yes you can do all of that. just man iptables (ipchains if your kernelis 2.2.x)

Also, need a tut for writing firewall rules. Got to be for a really stupidbeginner who knows nothing! :)

Google will give you loads of those, however http://netfilter.samba.org/is a good start.


Thanks


David.

Reply to:

References:
- Firewall tutorial
  - From: Penguin <penguin1@dodo.com.au>

Prev by Date: Re: 3c905c
Next by Date: Password Security
Previous by thread: Firewall tutorial
Next by thread: Re: Firewall tutorial
Index(es):
- Date
- Thread