

SoloCDM wrote:

> Are all the outside remote entries blocked by the following:
> 
> LOCALIP=`hostname -i`
> LOCALNET=`echo ${LOCALIP} | awk -F. '{print $1 "." $2 "." $3 ".0/24"}'`
> ipchains -F forward
> ipchains -P forward DENY
> ipchains -A forward -s ${LOCALNET} -d 0.0.0.0/0 -j MASQ
> 
>       and
> 
> /etc/hosts.deny: ALL:ALL
> 
> Note: When you reply to this message, please include
>       the mailing list and my email address.

yes if and only if all services are invoked via inetd and
tcpwrapper which is not usually the case (e.g. smtp, www).

the ipchains commands do not protect the masquerading host
at all. the /etc/hosts.deny only protects services that are
invoked via tcpwrapper.

note: when you download nmap from www.insecure.org, learn
how to use it and scan your masquerading host from the
outside as root, ports handled by inetd and tcpwrapper may
look open because inetd accepts the connection even though
tcpwrapper will then immediately close the connection.

raf
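
An added example, not part of the original thread: a shell check that sorts each listening TCP port into "started by inetd through tcpwrapper" (so /etc/hosts.deny applies), "started by inetd without tcpwrapper", or "standalone daemon". The services, inetd.conf and netstat data are constructed samples, and the script assumes the wrapper lives at /usr/sbin/tcpd and that standalone daemons are not linked against libwrap.

```shell
#!/bin/sh
# Constructed sample data (not from the original post).
SERVICES='ftp 21/tcp
telnet 23/tcp
smtp 25/tcp
www 80/tcp
pop3 110/tcp'

INETD_CONF='# service type proto wait user server args
ftp    stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
pop3   stream tcp nowait root /usr/sbin/ipop3d ipop3d'

NETSTAT='tcp 0 0 0.0.0.0:21  0.0.0.0:* LISTEN 412/inetd
tcp 0 0 0.0.0.0:23  0.0.0.0:* LISTEN 412/inetd
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 412/inetd
tcp 0 0 0.0.0.0:25  0.0.0.0:* LISTEN 388/sendmail
tcp 0 0 0.0.0.0:80  0.0.0.0:* LISTEN 501/httpd'

# classify_listeners SERVICES INETD_CONF NETSTAT
# Prints "port service verdict" for every listening TCP socket.
classify_listeners() {
    printf '%s\n=\n%s\n=\n%s\n' "$1" "$2" "$3" | awk '
        $0 == "="        { section++; next }      # separator between the 3 inputs
        /^#/ || NF == 0  { next }                 # skip comments and blank lines
        section == 0 {                            # services: name port/proto
            split($2, p, "/"); if (p[2] == "tcp") name[p[1]] = $1; next }
        section == 1 { server[$1] = $6; next }    # inetd.conf: 6th field is the server
        $6 == "LISTEN" {                          # netstat -tlnp style line
            n = split($4, a, ":"); port = a[n]
            svc = (port in name) ? name[port] : "unknown"
            split($7, owner, "/")
            if (owner[2] != "inetd")                  verdict = "standalone-not-covered"
            else if (server[svc] == "/usr/sbin/tcpd") verdict = "tcpwrapper-covered"
            else                                      verdict = "inetd-without-tcpd"
            print port, svc, verdict
        }'
}

classify_listeners "$SERVICES" "$INETD_CONF" "$NETSTAT"
```

Only the ports reported as tcpwrapper-covered are affected by `ALL:ALL` in /etc/hosts.deny; on a real host, replace the sample variables with the contents of /etc/services, /etc/inetd.conf and the output of `netstat -tlnp` run as root.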
