Tom Breza <[EMAIL PROTECTED]> writes:

> I've been installing a firewall on iptables, and I have a few questions;
> my situation is a bit specific. I am connected to the Internet something like this:
>
> my network|-------+eth0  Router  ppp0+----+ISP Firewall+------INTERNET
>                   |  with iptables    |
>
> I put the firewall on iptables on the router, a Linux box with Debian, but I can
> only scan via nmap from inside the network or from the router interface ppp0 to
> see what ports I have open,
[snip]
If you've had a box live on the Net with portmap, DNS and lpd listening wide for all to scan, I'd seriously worry about it being cracked already. A machine running these services is not a firewall. (No, I don't care about it only being on the end of a ppp dialup link; I've connected to an ISP for the first time ever and had a scan within 30s, to a dynamic IP block; you may now panic, or more profitably, audit your machine.)

In any case, you don't want to go around `closing ports' left, right & centre: that is no way to build a firewall policy either. DROP all by default, and open what you need.

For further reading, look at the comp.os.linux.security FAQ at <http://www.linuxsecurity.com/docs/colsfaq.html>, and indeed all the resources at <http://www.linuxsecurity.com/> and <http://www.linux-firewall-tools.com/linux/>.

ObPlug: my iptables.sh start-point for a firewall is to be found at <http://spodzone.org.uk/packages/secure/iptables.sh>.

~Tim
--
Bagpuss gave a big yawn,        |[EMAIL PROTECTED]
and settled down to sleep.      |http://spodzone.org.uk/
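The "DROP all by default, and open what you need" policy for the router in the diagram above, as an added example (not Tim's iptables.sh and not from the original thread). It assumes a LAN of 192.168.1.0/24 behind eth0, a dial-up link on ppp0, and SSH from the LAN as the only service the router itself offers; nothing is listening towards the Internet. `IPT` defaults to `echo iptables` so the rules can be previewed without root; set `IPT=iptables` to apply them.

```shell
#!/bin/sh
# Added example: minimal default-DROP policy for a LAN router on a ppp link.
# Assumed (constructed) addresses and interfaces; adjust for your own network.
IPT="${IPT:-echo iptables}"   # preview by default; IPT=iptables to apply
LAN_IF=eth0
WAN_IF=ppp0
LAN_NET=192.168.1.0/24

firewall_rules() {
    # Flush, then set default policies: whatever is not explicitly allowed is dropped.
    $IPT -F
    $IPT -t nat -F
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT ACCEPT

    # Loopback traffic is always fine.
    $IPT -A INPUT -i lo -j ACCEPT

    # Replies to connections the router or the LAN initiated.
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Packets arriving on the dial-up side that claim a LAN source are spoofed.
    $IPT -A INPUT -i "$WAN_IF" -s "$LAN_NET" -j DROP
    $IPT -A FORWARD -i "$WAN_IF" -s "$LAN_NET" -j DROP

    # The only thing the router itself answers: SSH, and only from the LAN.
    # portmap, DNS, lpd etc. are simply never opened (and should not be running).
    $IPT -A INPUT -i "$LAN_IF" -s "$LAN_NET" -p tcp --dport 22 -j ACCEPT

    # Let the LAN out, masquerading behind the dynamic ppp0 address.
    $IPT -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_NET" -j ACCEPT
    $IPT -t nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE

    # Rate-limited log of what the default policy is about to drop, so scans show in syslog.
    $IPT -A INPUT -m limit --limit 5/min -j LOG --log-prefix "FW-DROP: "
}

firewall_rules
```

Running it as-is prints the rule set; `IPT=iptables sh firewall.sh` as root installs it, after which an nmap from the ppp0 side should show every port filtered.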