Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Firewall
« previous next »
Pages: [1]   Go Down

Firewall

  • 3 Replies
  • 817 Views

Christian

Firewall
« on: May 15, 2000, 07:21:29 PM »
I want to install a firewall on my server in combination with E-smith 4.x .

I looked around for diverend firewalls. But I'm not sure witch one works in combination
with E-smith. I don't have a test machine, so I'm careful with my live one.

Can somebody give his experience on this (or a hind)??

Greetings,

Christian
Logged

B1tch-X

RE: Firewall
« Reply #1 on: May 17, 2000, 05:56:09 AM »
You should look into a program called Portsentry.

http://freshmeat.net/appindex/1998/06/26/898904215.html

Its not exactly a firewall, but if you want to monitor and restrict access to your machine, it is an excellent security tool.  Once properly installed and running, it will monitor selected ports (should only monitor ports not in use) and act as a tripwire.  Once the tripwire is tripped, you can have it react in a number of different ways.  The best defence it has is it drops the users IP into the /etc/hosts.deny file so the user cannot use any of the services of the machine, and also if you have ipchains installed it can drop the IP into ipfwadm's deny list.  Then all the user's packets sent to your machine will be forwarded (without an ACK) to a fake IP on your internal LAN.  So the packets will just time out.  Your machine will then become a blackhole for his packets.  He will no longer be able to even ping your machine.  It will completely disappear to him.  It's excellent for monitoring port scans and port specific scans (like netbus or backorifice).

I dont think E-Smith has the ipchains on it, or tools for compiling the portsentry program (it doesn't currently come in and .rpm file), but if your familiar with linux and can get these tools installed, it could be worth your wild.

B1tch-X
Logged

cryblood

RE: Firewall
« Reply #2 on: May 17, 2000, 07:07:38 AM »
The e-smith server/gateway system does indeed have ipchains installed, the ruleset for ipchains has been placed  in /etc/rc.d/init.d/masq  (did I get that path right? it's been a while since I looked) .  IMHO the rules are a little bit simple for heavy duty use, but are fine for standard small business/home use where local users are trusted.   I don't think that any further firewalling software is really required for the average installation.  I too would like to see some form of portsentry or better logging of possible attacks against my beloved e-smith box but haven't had the time/inclination to get off my fat @55 and install one.  Maybe Charlie has an RPM somewhere... (hint hint hehe).

As far as compiling software, I will here state the "party line":

Thou shalt not put a compiler or compiler type software on thy firewall !

there are VERY good reasons for this!... LOTS OF THEM!!! (and most are refered to as ROOTKIT!)
Logged

cary

RE: Firewall
« Reply #3 on: May 28, 2000, 03:19:35 AM »
I already installed the firewall from trinityos works great except i can't get ICQ to work at all.  If you want a copy email me and i will send it
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Firewall