I have used and am still using a program written by a RH Lecturer Richard Keech it
utilises iptables and is very easy to configure to allow only what you want in and out
and also filter the rest of the crap such as icmp and the like.
It maybe worth a look for you it can be got from http://poeple.redhat.com/rkeech
Andrew Loughnan
-----Original Message-----
From: Christopher Lyon [mailto:[EMAIL PROTECTED]
Sent: Tue 3/06/2003 11:16 AM
To: [EMAIL PROTECTED]
Cc:
Subject: RE: PortSentry Like functions
> -----Original Message-----
> From: Michael Fratoni [mailto:[EMAIL PROTECTED]
> Sent: Monday, June 02, 2003 6:04 PM
> To: [EMAIL PROTECTED]
> Subject: Re: PortSentry Like functions
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Monday 02 June 2003 08:10 pm, Christopher Lyon wrote:
> > I am looking for a way to lock down a box with Redhat 8.0 on it that
> > has mysql, apache and other misc services on it to just specific ip
> > addresses and to the localhost. I didn't want to do go the extent of
> > getting iptables or netfilter up on it I just wanted something basic
> > that would work with all of these programs. Does anybody have any
> > suggestions? I did look at portsentry but is seems the psonic was
> > bought by Cisco and I don't know if they are still doing anything
with
> > that anymore. Also, it wasn't clear that it would work with mysql.
> > Anyway, does anybody have any thoughts on this?
>
> You really want a firewall, portsentry isn't enough.
> That said, I've been building portsentry packages since before Cisco
> bought Psionic:
> http://www.tuxfan.homeip.net:8080/rpms/portsentry-1.1-1.i386.rpm
> http://www.tuxfan.homeip.net:8080/rpms/portsentry-1.1-1.src.rpm
It is going to be a box on the inside network and I just want to give it
a little bit more protection then just wide open. So, this should work
with mysql and such?
>
> - --
> - -Michael
>
> pgp key: http://www.tuxfan.homeip.net:8080/gpgkey.txt
> Red Hat Linux 7.{2,3}|8.0 in 8M of RAM: http://www.rule-project.org/
> - --
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (GNU/Linux)
>
> iD8DBQE+2/P2n/07WoAb/SsRArz9AJ4/RToQeD0UnVIGKUVO+5lzbYMMDwCfdMiw
> Kizmda9YxMq3shjPUglvCjA=
> =Vkan
> -----END PGP SIGNATURE-----
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]
> https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list
