--- [EMAIL PROTECTED] wrote: > > On Mon, 23 Aug 2004 13:05:00 +0800, "Katipo" <[EMAIL PROTECTED]> > said: > > > >In any case, I've as yet been unable to find any way of getting > > >detection and authorization of outgoing requests with any > > >of the Linux firewalls, or with IPtables - although I can hardly say > > >that > > >I've thoroughly done my homework > > > > > Even firestarter provides some degree of configurability in this > respect. > > It will block ports on an individual basis, if you can identify > them as needing to be blocked - but AFAIK the iptables script it sets > up, > defaults to forwarding all requests from internal processes. (If I'm Like the FW communicating with the system? This is not lightly setup, thought a netstat could fetch(ony what's going on when it's run) this info. There is a system where the FW can look at the user and name of the program, but this likely is not what your talking aobut.
> wrong about that, or if there is some way to get it even to flag > outgoing > access attempts by newly spawned processes, I'd like to know about > it...) Like iptables -A OUTGOING -m state -state NEW -j log? Like I said you can have the User:ID and program name printed as well, I think? If not you could have syslogd trip of a "netstat -p" run and have that e-maild to you. > > > Asking in the right place helps. > > A number of people here would have the answers you're looking for, but > > > Debian has a firewall list. > > Yes - I asked about that earlier. I posted to the firewall list > earlier, > in fact, and got no response at all. Additionally, there is a lot of > traffic on here other than my own, WRT firewall and iptables subjects. > I'll cross-post this to the firewall list, but I'm really getting the > impression it doesn't get used much... maybe I'm wrong, but I'm signed > up on it and don't see as much traffic on there as I do about firewall > on the "users" list. > I can assure you that where here, just recently we setup a wiki. http://wiki.debian.net/index.cgi?Firewalls, feel free to add your experties with Linux and/or Debian Fierwalls there. I would love to read about your ideal settup. > > > Itt might be an idea to check out apps like tinyhoneypot amongst > others, > > also. > > Thanks... I'll do that - it sounds like there's at least one area I > haven't > explored yet... > > > > >(Okay, now, everybody yell in unison: "WELL GO RUN WINDOWS THEN!!!") > > > > > > > > Failing that, go run windows. > > Why, thank you. I needed that. (But not to worry, I'm on my way out of > Billyworld permanently, one way or the other, difficulties > notwithsatanding...) > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > _______________________________ Do you Yahoo!? Win 1 of 4,000 free domain names from Yahoo! Enter now. http://promotions.yahoo.com/goldrush
