On Sunday 17 June 2001 02:32 am, Ross Slade wrote:
> > ipchains has been improved (long ago). 2.4.x kernels have
> > iptables support. Check to make sure iptables is installed
> > (updated, iptables-1.2.2-2mdk), and then run DrakConf as root and
> > answer the few,
>
> Is iptable's command format compatable with ipchains?
Completely different from what I can tell
Should my 'old'
> firewall work with just name changes (ie. ipchains changed to
> iptables where appropriate)
>
> -Ross
Nope. Easiest thing, at least for me, is to su to root in a
terminal and type 'DrakConf' (w/o the 's of course). Then under
'Security' / 'Firewalling' answer the questions. If you have a desktop
system with a single connection to the Net, the default answers are
already chosen for you. Presto!, you have a very secure Bastille (LM)
firewall ;>
Now if ya wanna make it more interesting and difficult ;> then type
'InteractiveBastille' in a term and you'll get the same type setup,
just a heck'of'a lot more details, choices, explainations, and chances
to really screw things up ;~>>
If for some reason you havt'a use ipchains, you can, but AFAIK
you'll have to compile a kernel and enable (Y) "ipchains ... 2,2,x
style support" during the config. This is what I was doin with 2.4.x
kernels with 7.2 (until 8.0 came along :)
Whatever, when you believe you've got it right, then try scans:
https://grc.com/x/ne.dll?bh0bkyd2 [probly not worth the time since
this 'expert' got hacked and shut down a few weeks ago. So much for
their security ;> ]
http://www.sdesign.com/securitytest/ [a basic scan and a more
comprehensive full scan, but they also got DoD'd a few weeks ago. AFAIK
tho, this is the only scan that checks all 60,000 ports. Email address
required, you're sent a report. Scan takes up to an hour]
http://scan.sygatetech.com [variety of scans, but the 'quick' scan is
probly all you need to do. Everything should report 'blocked' They
escaped being hacked BTW ;) ]
--
Tom Brinkman [EMAIL PROTECTED] Galveston Bay
