Re: security list?

Sun, 20 Feb 2000 19:18:07 -0800 

On Sun, 20 Feb 2000 21:20:38 -0500
 Doug McGarrett <[EMAIL PROTECTED]> wrote:
> Is there a list focusing on security?  I need to get
> help on firewalls.  I have the ip-chains HOW-TO, I 
> have a whole book on Linux security, but I don't really
> know how to implement the whole thing, including mail.
> --doug


this is an easy way to get it UP and running ..but you still need to block off
ports..but you can do that later.....also is this for home or business?
If for business...check out www.watchguard.com   they have a $3,500 linux based
firewall product "Firebox II" if you need to host email, ftp, etc...if not
they have a $350 Watchguard SOHO unit 10-user license and up to 50 users is $700
total...these prices are from cdw.com

> ok once you get redhat 6.1 installed
> 
> add this to /etc/rc.d/rc.local (at the very end)
> #note this doesn't block the ports just sets up NAT
> ipchains -P forward DENY
> ipchains -A forward -s 192.168.1.0/255.255.255.0 -j MASQ
> /sbin/depmod -a 
> /sbin/modprobe ip_masq_ftp
> /sbin/modprobe ip_masq_irc
> /sbin/modprobe ip_masq_quake
> /sbin/modprobe ip_masq_cuseeme
> /sbin/modprobe ip_masq_portfw
> /sbin/modprobe ip_masq_user
> /sbin/modprobe ip_masq_autofw
> /sbin/modprobe ip_masq_vdolive
> /sbin/modprobe ip_masq_mfw
> /sbin/modprobe ip_masq_raudio
> 
> in linuxconf make sure you have Router set to YES
> in other words...in /etc/sysconfig/network
> FORWARD_IPV4=true
> 
> also check out
> http://www.linux.com/security/newsitem.phtml?sid=11&aid=4445
> 
> cut from linux.com tuneup firewall section
> Keep the script kiddies outby - Skill: B - Aug 30, 1999
> 
> If someone is portscanning your computer, use the following command to block
> them out completely: 
> ipchains -A input -j REJECT -s XX.XX.XX.XX -d 0/0 -p all 
> where XX.XX.XX.XX is the IP address of the offender. 
> 
> To undo this operation you can use ipchains -F input which will flush all the
> rules. or you can use ipchains -L to find the number of the rule
> 
> anyway good luck I don't know what Signal 7 I wish I could help.


-- 
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.

Reply via email to