RE: [TCLUG:9695] An interesting site for security

To: tclug-list@mn-linux.org
Subject: RE: [TCLUG:9695] An interesting site for security
From: Ben Kochie <ben@nerp.net>
Date: Tue, 2 Nov 1999 13:57:06 -0600 (CST)
In-Reply-To: <Pine.LNX.4.20.9911021322050.10533-100000@chef.nerp.net>

ok.. i modified that command slightly..

ipchains -A input -p TCP -d 0.0.0.0/0 23 -i eth1 -j DENY

eth1 is the outside of my firewall, eth0 being the internal side

this allows me to still telnet out, but deny input

Thank You,
        Ben Kochie (ben@nerp.net)

*-----------------------*  [ - * - * - * - * - * - * - * - ]
| Unix/Linux Consulting |  [ Haiku Error Message:          ]
|  PC/Mac Repair        |  [  Chaos reigns within.         ]
|   Networking          |  [  Reflect, repent, and reboot. ]
| http://nerp.net       |  [  Order shall return.          ]
*-----------------------*  [ - * - * - * - * - * - * - * - ]

 "Unix is user friendly, Its just picky about its friends."

On Tue, 2 Nov 1999, Ben Kochie wrote:

> wow, i guess linux must be based on stealth technology, i ran the
> portscanner thing on my box at work, which is behind a perfect linux
> ip_masq firewall (no ports open to the outside, OR inside)
> 
> and it showed all my ports as closed (as it should)
> 
> but it says that closed isn't good enough, SO i tried this..
> 
> ipchains -A input -p TCP -d 0.0.0.0/0 23 -j REJECT
> 
> and look, it now shows up as a STEATH port.. 
> 
> Thank You,
>         Ben Kochie (ben@nerp.net)
> 
> *-----------------------*  [ - * - * - * - * - * - * - * - ]
> | Unix/Linux Consulting |  [ Haiku Error Message:          ]
> |  PC/Mac Repair        |  [  Chaos reigns within.         ]
> |   Networking          |  [  Reflect, repent, and reboot. ]
> | http://nerp.net       |  [  Order shall return.          ]
> *-----------------------*  [ - * - * - * - * - * - * - * - ]
> 
>  "Unix is user friendly, Its just picky about its friends."
> 
> On Tue, 2 Nov 1999, Eric Hillman wrote:
> 
> > > It says it for windows, but I think it may be useful in other respects.
> > >
> > > It's the "Shields UP!" thing at:
> > >
> > > http://www.grc.com/
> > >
> > 
> > 
> > I'd watch your step on this site -- trying to download one of their demo
> > files onto my NT box here at work generated a virus warning...
> > 
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> > For additional commands, e-mail: tclug-list-help@mn-linux.org
> > 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> For additional commands, e-mail: tclug-list-help@mn-linux.org
>

References:
- RE: [TCLUG:9695] An interesting site for security
  - From: Ben Kochie <ben@nerp.net>

Prev by Date: RE: [TCLUG:9695] An interesting site for security
Next by Date: ip_masq_ftp
Prev by thread: RE: [TCLUG:9695] An interesting site for security
Next by thread: RE: [TCLUG:9656] Evil, horrible renamed RPM vs. SRPM
Index(es):
- Date
- Thread