[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Sheflug] firewall config made easy
>===== Original Message From "Sheflug" <sheflug@vuw.ac.nz> [at] vuw.ac.nz =====
>For the terminally hard-of-thinking like myself, "ipchains-firewall 1.7.1"
>makes deploying a full stealth mode but transparent firewall a piece of
>cake.
>See http://firewall.langistix.com/ for the download - a simple (ok, not at
>all simple) shell script.
>
>One caveat - if you try to run the script to firewall ppp0 when you don't
>have a connection up then it will terminate with an error. My solution was
>to simply invoke the firewall as the first item in /etc/ppp/ip-up.local, so
>the firewall only comes up when needed.
>
>I used Shields UP! and the port scanner on http://www.grc.com to check the
>firewall's effectiveness. I gave up trying after about 30 mins when the
>port scanner was still bashing away and returning every port as "Stealth".
ShieldsUP is hardly an effective security audit. :)
It checks a few common ports for Windows machines - SMB/NetBIOS for example,
as
well as a few other common ones, ftp, telnet.
Try www.nessus.org - download nessus and goto insecure.org and get nmap.
Attack the firewall with them to start with.
Baz.
----
Barrie J. Bremner
Email: TheEnglishman [at] ecosse.net
(PGP key available at my website)
URL: http://www.geocities.com/thefatenglishman
Telephone: UK 01672 811246
Mobile: UK 07968 792975
Help Micro$oft stamp out piracy - get Linux.
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word
"unsubscribe" in the body of the message.
GNU the choice of a complete generation.