Actually, learning ipchains isn't that hard; there are example scripts everywhere. But if you wish to have more of a solution in a box, I would suggest looking at the following products:

Guarddog
Firestarter
Cfire

You can find these and more at http://packetstorm.securify.com/linux/firewall/

This month's issue of Maximum Linux has reviews and tips on security too. Plus they include a CD with all the products mentioned and more. It may be worth the cash to pick up a copy.

Hope this helps

David

Phill Kenoyer <[EMAIL PROTECTED]> on 11/21/2000 04:14:58 PM

To: Debian Firewall List <[email protected]>
cc: (bcc: David Hosey/Operations/ScotiabankGroup)
Subject: Blocking Ports from showing up in scans

I have a small masq/web server on a DSL. I would like to make it a bit more secure. It's a default install of Debian. I have nfs and samba running for my workstations to have access to the box. I have most things turned off like telnet and ftp.

What I would like to do is block a few ports from the outside, but keep them for the local net. I don't really want to learn ipchains, because I don't have the time right now. I'm very busy, and I would just like to do my work, but an example of how to do this would teach me a great deal.

I have not found anything on web searches that would build the rules for me, that would run on a server without X installed. If anyone is willing to do the rules for me, I would really be happy. Thanks.

eth0 is 10.0.0.1, private
eth1 is public.
My private network is using 10.0.0.x.
ip_masq deb is installed.

I have the following ports open on my server. I have marked with * the ones that I want to close off to the outside, and have them not show up in a port scan.

(The 1505 ports scanned but not shown below are in state: closed)
Port        State   Service
22/tcp      open    ssh
25/tcp      open    smtp
53/tcp      open    domain
80/tcp      open    http
110/tcp     open    pop-3
*111/tcp    open    sunrpc
113/tcp     open    auth
*139/tcp    open    netbios-ssn
389/tcp     open    ldap
443/tcp     open    https
*515/tcp    open    printer
*829/tcp    open    unknown
*899/tcp    open    unknown
*983/tcp    open    unknown
*2049/tcp   open    nfs
*3306/tcp   open    mysql
*5432/tcp   open    postgres
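
The kind of rule set asked for in the original message, as an added example that is not part of either post: a POSIX shell script that reads the starred entries of the port listing and prints one ipchains rule per port for the public interface. The names `EXT_IF`, `PORTS` and `gen_rules` are chosen here for illustration; the interface name and the port list are taken from the message.

```shell
#!/bin/sh
# Added example: print ipchains rules that hide the starred ports from the
# public side only. Review the output, then pipe it to sh as root.

EXT_IF=eth1   # public interface, as stated in the message

# Port listing copied from the message; "*" marks ports to close to outside.
PORTS='22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop-3
*111/tcp open sunrpc
113/tcp open auth
*139/tcp open netbios-ssn
389/tcp open ldap
443/tcp open https
*515/tcp open printer
*829/tcp open unknown
*899/tcp open unknown
*983/tcp open unknown
*2049/tcp open nfs
*3306/tcp open mysql
*5432/tcp open postgres'

gen_rules() {
    printf '%s\n' "$PORTS" | while read -r spec state service; do
        case $spec in
            "*"*) ;;          # starred: block on the public interface
            *) continue ;;    # unstarred: stays reachable from outside
        esac
        spec=${spec#"*"}      # drop the marker  -> e.g. 2049/tcp
        port=${spec%/*}       # before the slash -> 2049
        proto=${spec#*/}      # after the slash  -> tcp
        # DENY drops the packet silently, so an outside scan gets no answer.
        # -i restricts the rule to eth1; traffic from 10.0.0.x on eth0 never
        # matches it, so the local net keeps NFS, Samba and the databases.
        echo "ipchains -A input -i $EXT_IF -p $proto -d 0/0 $port -j DENY"
    done
}

gen_rules
```

The listing comes from a TCP scan, so the rules cover TCP only; portmap (111) and NFS (2049) also listen on UDP and need matching `-p udp` rules to be closed to the outside as well.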

