[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sheflug] firewall config made easy

To: "'slug@onelist.com'" <slug@onelist.com>, "'sheflug@vuw.ac.nz'" <sheflug [at] vuw.ac.nz>
Subject: [Sheflug] firewall config made easy
From: "Paul Sims" <nospam [at] lombard.co.uk>
Date: Fri, 22 Sep 2000 13:51:30 +0100
List-help: <http://www.sheflug.co.uk>
List-owner: <mailto:sheflug-admins [at] vuw.ac.nz>
List-post: <mailto:sheflug [at] vuw.ac.nz>
List-subscribe: <mailto:sheflug-request [at] vuw.ac.nz?Subject=subscribe>
List-unsubscribe: <mailto:sheflug-request [at] vuw.ac.nz?Subject=unsubscribe>
Organization: ICL
Reply-to: "Sheflug" <sheflug [at] vuw.ac.nz>
Sender: sheflug-bounce [at] vuw.ac.nz

For the terminally hard-of-thinking like myself, "ipchains-firewall 1.7.1" 
makes deploying a full stealth mode but transparent firewall a piece of 
cake.
See http://firewall.langistix.com/ for the download - a simple (ok, not at 
all simple) shell script.

One caveat - if you try to run the script to firewall ppp0 when you don't 
have a connection up then it will terminate with an error. My solution was 
to simply invoke the firewall as the first item in /etc/ppp/ip-up.local, so 
the firewall only comes up when needed.

I used Shields UP! and the port scanner on http://www.grc.com to check the 
firewall's effectiveness. I gave up trying after about 30 mins when the 
port scanner was still bashing away and returning every port as "Stealth".

Paul.

"WorldSecure Server <lombard.co.uk>" made the following
 annotations on 09/22/00 13:51:32
------------------------------------------------------------------------------
The opinions expressed within this email represent those of the 
individual and not necessarily those of Lombard North Central. 

The contents of this Email may be privileged and are confidential. It may not be disclosed to or used by anyone other than the addressee(s), nor copied in any way. If received in error, please advise the sender, then delete from your system.

Should you wish to use Email as a mode of communication, Lombard North Central PLC  are unable to guarantee the security of Email content outside of our own computer systems. 


Lombard North Central PLC
Registered in England No 337004
Registered Office 3 Princess Way Redhill Surrey RH1 1NP
A Member of the Royal Bank of Scotland Group 



 

==============================================================================

---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.

Prev by Date: Re: [Sheflug] open magazine and computer parts
Next by Date: RE: [Sheflug] firewall config made easy
Prev by thread: [Sheflug] Flakey distros.
Next by thread: RE: [Sheflug] firewall config made easy
Index(es):
- Date
- Thread