I took Hal Burgiss's firewall script (modified version of nerdherd) and it seems to work as advertised for me. I test it with ShieldsUP http://grc.com/x/ne.dll?rh1ck2l2 (or https://grc.com/x/ne.dll?bh0bkyd2 ... not sure of the exact addr), and many ports previously shown as 'open' now show as 'stealth'.

I left ftp (21) open and identd (113) open. Are either necessary?

-- If I want to ftp to my firewall box at home from somewhere else, say at work, for downloading a file on homebox to the work computer or for uploading a work file to my homebox, do I or don't I need ftp open on my home firewall box?

-- I am even less knowledgeable about identd (113). I think Hal left this one open.... Are there clear guidelines as to when it is advisable to leave identd open?

FYI and a plug for ShieldsUP: it is trivial to use. It probes your ports and returns one of

  open    --- generally bad
  closed  --- good but port still visible...
  stealth --- best for security

Here is the partial response to its probing of my system _before_ implementing the firewall:

   21  ftp      open
   25  smtp     open
   80  http     open
  113  ident    open
  139  netbios  open
   23  telnet   closed
   79  finger   closed
  110  pop3     closed
  143  imap     closed
  443  https    closed

And here is the response with the new firewall.sh in /usr/sbin, called as the last command from /etc/rc.d/rc.local:

   21  ftp      open     FTP servers have many known security vulnerabilities ...
   23  telnet   stealth  There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!...
   25  smtp     stealth
   79  finger   stealth
   80  http     stealth
  110  pop3     stealth
  113  ident    open     Identification/Authorization Service - Internet servers such as POP, IMAP, SMTP, and IRC query this port in response to client connections. It should NEVER be open since this is a source of tremendous information escape.
  139  netbios  stealth
  143  imap     stealth
  443  https    stealth

------ end of response from ShieldsUP

So everything is stealth, except for ftp (21) and identd (113), which ShieldsUP says should be at least _closed_ if not _stealth_.

I don't think I have a clue as to how to get identd to _closed_. I think if I take out the explicit opening in the firewall it will show up as _stealth_ like the others shown above.

regards,
Jack