Guys, thanks for the response. This is my present network setting:
Server: (RH9, internal eth0 192.168.0.5, external eth0: 203.204.202.11); the
reason for having an external is because I have a DSL connection.
Services: Samba, DNS, Squid, SSHd, Apache (for local, and planning to
implement outside web).
Workstation: (4 units, all running on Windows Micro$oft, local 192.168.0.x)
Application: Yahoo Messenger, MIRC, AudioGalaxy, Chikka
My ideal firewall would be:
(First, I need to know how to execute the command, and what files or directory, where
to put the command)
1. to be able to connect the RH9 server to the internet safely without the hassle of
being paranoid.
2. to enable all workstations to browse the internet, through SQUID, without being
DENIED by the firewall.
3. to be able to use the MIRC, AudioGalaxy and Chikka from the workstations, without
jeopardizing the server and all the workstations.
4. to be able to connect to the RH9 server from the workstations using SAMBA.
5. to be able to have a working Apache locally with a secure server.
6. and should I be able to buy a domain name and implement the Apache from outside, I
would be confident that the RH9 server is AT LEAST safe enough.
7. to be able to connect through SSH from a PARTICULAR workstation with an IP ADD:
192.168.0.3
For the above-mentioned requests, I would really appreciate the help. Thank you all.
jeremy
P.S.
I also need to know how I can reset the iptables/firewall settings, in case I
accidentally type or execute the wrong command.
Thanks again.
----- Original Message -----
From: Rafael 'Dido' Sevilla <[EMAIL PROTECTED]>
Date: Sun, 19 Oct 2003 11:14:19 +0800
To: Philippine Linux Users Group Mailing List <[EMAIL PROTECTED]>
Subject: Re: [plug] vulnerable server
> On Sun, Oct 19, 2003 at 06:57:54AM +0800, Horatio B. Bogbindero wrote:
> >
> > uhh. maybe you should at all allow all localhost traffic:
> >
> > iptables -t filter -A INPUT -i lo -j ACCEPT
> >
>
> Right. This is what I get for posting inebriated. :p
>
> > and some outgoing traffic such as HTTP, DNS and others:
> >
> > iptables -t filter -A OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT
> > iptables -t filter -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
> >
>
> Which of course depends on what you're trying to do.
>
> > also you can modify the rules in the /etc/sysconfig/iptables
> > file which is always a good starting point when setting up your
> > own rules.
> >
> > also doing things the RedHat way, you can use the redhat-config-network
> > tool to configure your firewall settings. i think. or was that some
> > other tool (redhat-config-*).
> >
>
> Much easier to use the lokkit program than to fiddle around with their
> many redhat-config-* programs.
>
> --
> Philippine Linux Users' Group (PLUG) Mailing List
> [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph)
> Official Website: http://plug.linux.org.ph
> Searchable Archives: http://marc.free.net.ph
> .
> To leave, go to http://lists.q-linux.com/mailman/listinfo/plug
> .
> Are you a Linux newbie? To join the newbie list, go to
> http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
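One way to express items 2 to 7 and the reset asked about in the P.S., as an added example that is not part of the original thread: a script that prints a ruleset in the format `iptables-restore` reads. The interface names (LAN on eth0, DSL link on eth1), Squid's default port 3128 and the `PUBLIC_WEB` switch are assumptions; the addresses are the ones given in the message.

```shell
#!/bin/sh
# Added example. Assumed (not in the post): LAN on eth0, DSL link on eth1,
# Squid on its default port 3128. Addresses are the ones given in the post.
LAN_IF="${LAN_IF:-eth0}"; WAN_IF="${WAN_IF:-eth1}"
LAN_NET="192.168.0.0/24"; ADMIN_PC="192.168.0.3"

# Print the ruleset. PUBLIC_WEB=1 also opens port 80 to the outside (item 6).
build_rules() {
  web="# item 6 off: Apache is not reachable from outside"
  if [ "${PUBLIC_WEB:-0}" = 1 ]; then
    web="-A INPUT -i $WAN_IF -p tcp --dport 80 -m state --state NEW -j ACCEPT"
  fi
  cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# item 7: SSH from one workstation only
-A INPUT -i $LAN_IF -s $ADMIN_PC -p tcp --dport 22 -m state --state NEW -j ACCEPT
# items 2 and 5: Squid and Apache for the LAN
-A INPUT -i $LAN_IF -s $LAN_NET -p tcp -m multiport --dports 80,3128 -j ACCEPT
# DNS for the LAN
-A INPUT -i $LAN_IF -s $LAN_NET -p udp --dport 53 -j ACCEPT
-A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport 53 -j ACCEPT
# item 4: Samba
-A INPUT -i $LAN_IF -s $LAN_NET -p udp -m multiport --dports 137,138 -j ACCEPT
-A INPUT -i $LAN_IF -s $LAN_NET -p tcp -m multiport --dports 139,445 -j ACCEPT
$web
# item 3: workstations go out via NAT (needs net.ipv4.ip_forward=1); only replies return
-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
-A FORWARD -i $WAN_IF -o $LAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o $WAN_IF -s $LAN_NET -j MASQUERADE
COMMIT
EOF
}

# Print an allow-everything ruleset: loading it undoes a bad change (the P.S.).
reset_rules() {
  printf '*filter\n:INPUT ACCEPT [0:0]\n:FORWARD ACCEPT [0:0]\n:OUTPUT ACCEPT [0:0]\nCOMMIT\n*nat\n:POSTROUTING ACCEPT [0:0]\nCOMMIT\n'
}
case "${1:-}" in
  show)  build_rules ;;
  reset) reset_rules ;;
esac
```

Saved under a hypothetical name such as `fw.sh`, running `sh fw.sh show | iptables-restore` as root loads the rules and `sh fw.sh reset | iptables-restore` opens everything again. The `/etc/sysconfig/iptables` file mentioned in the quoted reply uses this same format.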