/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */ Hey Everyone, One CRITICAL change and lots of other good ones!! 269 users on the list: -- N 9/26/99 Updated the Bzip2 URL * Sent [Section 5] Update * G Added a URL to Scott Gentry's Linux Dialup RAS server HOWTO [Section 5] *C* ** Updated the IPCHAINS ruleset to fix a critical ordering mistake. ** ALL TrinityOS IPCHAINS users ** should at least FIX your rulesets ** (simply MOVE 5 lines) Here is the notes from the firewall comments: # *CRITICAL* The ordering of the # ACCEPT of the HIGH PORTS in the # output ruleset are WRONG!! # # Moved them to be AFTER all the # various REJECT lines but before # the final output reject. # # Several comment additions # # Changed the DGW variable to EXTGW, # added the XWINDOWS_PORTS variable. # # Put a copy of the actual firewall # ruleset up on the WWW site at: # # http://www.ecst.csuchico.edu/~dranch/LINUX/TrinityOS-files/rc.firewall-3.20-Trin ityOS [Section 10] N Added a pointer for users to see Section 46's URLs in section 5 [Section 42] N Moved all TrinityOS updatess 8/27/99 to 5/23/99 to the TrinityOS-old-updates page. [Section 100] ------------------ N 9/22/99 Changed the name of Section 6 to "Advanced System Logging and some Cool Tips" [Section 2] N Added the URL to the BASH HOWTO [Section 5] N Changed the name of the section to "Advanced System Logging and some Cool Tips" [Section 6] N Updated the Distributions section a little and added URLs and more pointers to other distros. [Section 6] N Added a little blurb on creating more readible BASH prompts (coloring it). [Section 9] ------------------ G 9/20/99 Updated the IPCHAINS ruleset to 3.13 to support a commented FORWARD rule for Diald users. [Section 10] I I have officially announced that the IPFWADM rulesets are DEAD. No worries though, there are IPCHAINS patches for 2.0.x kernel users. With these patches in place, 2.0.x kernel users can use IPCHAINS. As it stands, the IPCHAINS rulesets in TrinityOS are much MUCH better than the IPFWADM ones. [Section 10] ------------------ N 9/16/99 Added a few more search and replace items to match with the firewall rulesets. [Section 7] Updated some of the IP addresses in the IPCHAINS rulesets to reflect the Search&Replace section of TrinityOS [Section 10] ------------------ N 9/15/99 Moved the output of the various Sendlog log files to /etc/info/logs. [section 9] G Added a little section on Scour.net's SMB crawler [Section 50] ------------------ N 9/14/99 Fixed the IPCHAINS ruleset to use the $EXTIF variable when doing the dynamic EXTBROAD variable. It was hard coded to ETH1. I Also added additional filtering for NetBus Pro, Win Crash, Socket De Troye, and the Unknown Trojan Horse (Master's Paradise [CHR]) trojans in the OUTPUT filter of the IPCHAINS ruleset. Thanks to [EMAIL PROTECTED] for both of these. [Section 10] ------------------ N 9/13/99 Fixed the SSH v1. version from 1.0.27 to 1.2.27. [Section 5] ------------------ G 9/11/99 I've added a whole Anti-SPAM email section. It talks about how to cryptic email headers, how to notify innocent spam relayers, and how to report careless SPAM relay sites. [Section 50] N I moved the Security patching section from Section 50 to 60. ------------------ I 9/8/99 Updated the IPCHAINS ruleset to enable DHCP on the external internface per default. This was the stated default but the configuration wasn't correct. [Section 10] ------------------ .----------------------------------------------------------------------------. | David A. Ranch - Linux/Networking/PC hardware [EMAIL PROTECTED] | !---- ----! `----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----' _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
