Re: I don't have a firewall, do I?

To: debian-user <debian-user@lists.debian.org>
Subject: Re: I don't have a firewall, do I?
From: Micha Feigin <michf@post.tau.ac.il>
Date: Sat, 7 Feb 2004 21:16:37 +0200
Message-id: <[🔎] 20040207191637.GA11704@luna.mooo.com>
Mail-followup-to: debian-user <debian-user@lists.debian.org>
In-reply-to: <[🔎] 20040207020612.GA2331@smeagol>
References: <[🔎] 20040206235205.GW2331@smeagol> <[🔎] 20040207000437.GA18189@wire> <[🔎] 20040207020612.GA2331@smeagol>

On Fri, Feb 06, 2004 at 09:06:12PM -0500, Emma Jane Hogbin wrote:
> On Sat, Feb 07, 2004 at 12:04:37AM +0000, Peter Samuelson wrote:
> > [Emma Jane Hogbin]
> > > My installed packages are at: www.xtrinsic.net/installed.txt
> > 
> > You have 'ipchains' installed, but also a 2.4 kernel image.  Those two
> > are incompatible (ipchains is the firewall configuration package for
> > 2.2 kernels), so I suspect you're not actually using ipchains.
> 
> I've uninstalled ipchains. I won't know until Monday when my client's back
> in the office if it's made a difference...if anyone else has some ideas,
> I'd love to hear them. :)
> 

It doesn't look like you should a firewall installed. Running nmap on
it returns a whole lot of ports open that shouldn't respond if a
firewall was running (I would seriously consider running a firewall
though, with all those services running and from the mail it sounds
like you are planning on leaving it connected around the clock).

One thing you can check is whether the paranoid option is enabled in
/etc/hosts.deny. If it is then, the problematic hosts have a problem
with their dns configuration. Its less secure but you could try
removing the paranoid option in that case.

Another thing is that you seem to have something weird with your apache
setup. When accessing the page using www.xtrinsic.net I get a "testing a
page" message. Accessing using 66.98.212.88 returns some page with a
whole lot of things starting with something about "backdirt.net". The
difference seems to be only in the host field that mozilla sends (using
telnet on port 80 always returns the "backdirt.net" page).

It also looks like your dns is set up a bit strangely since
www.xtrinsic.net is registered with ns2.ev1servers.net and
ns1.ev1servers.net and your ip for reverse lookup is registered with
ns1.ev1.net and admin.ev1.net which means that reverse name lookups
won't work (although that shouldn't hurt anything, just wondering if
that is intentional).

> emma
> 
> -- 
> Emma Jane Hogbin
> [[ 416 417 2868 ][ www.xtrinsic.com ]]
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
>  
>  +++++++++++++++++++++++++++++++++++++++++++
>  This Mail Was Scanned By Mail-seCure System
>  at the Tel-Aviv University CC.
>

Reply to:

References:
- I don't have a firewall, do I?
  - From: Emma Jane Hogbin <emmajane@xtrinsic.com>
- Re: I don't have a firewall, do I?
  - From: Peter Samuelson <peter@p12n.org>
- Re: I don't have a firewall, do I?
  - From: Emma Jane Hogbin <emmajane@xtrinsic.com>

Prev by Date: Re: is debian right for me?
Next by Date: will php4 work in apache2 from .debs?
Previous by thread: Re: I don't have a firewall, do I?
Next by thread: Re: I don't have a firewall, do I?
Index(es):
- Date
- Thread