> hi ya tom...

Hi :)))

> let's see... a fully loaded question ya posed...
>
> you can run nmap from various online web-based testers
> http://www.Linux-Sec.net/Audit/nmap.test.gwif.html

Like I mentioned, my situation is a bit different. I can't scan my host from outside because I am behind a firewall from my ISP, then the next one is mine. For example, I can't connect straight to my box because I am in a private net of my ISP and then go via his machine to the internet, so this way I am not sure if I scan properly.... but if u scan my host u will actually scan my ISP server :)

> for the firewall ...
> - it should be running a "secure linux/bsd distro"
> and only ipchains....
> ( some might wanna run dns on it too...but...

It is my home firewall, and I want to use it to send & receive mail, and as firewall and NAT for the rest of the network.

> - iptables belong on the firewall in your pic below..
> not with the router
>
> http://www.Linux-Sec.net/distro.gwif.html#hardened
>
> for the rest of your systems..
> - no telnet is ever needed .. ( well, mostly not...

Sometimes I have to telnet from Windows to my box, from inside of the network if my Linux box is not on, otherwise I use ssh.

> - smtp is only needed on the machine to send/receive emails...
> turn it off otherwise...

yep

> - "domain" is only needed on the primary and secondary dns
> for your domain ... turn it off otherwise

I can't find it how to turn domain :>>>>>> I removed the rest without problems but domain is a tricky one ;)

But what about the filtered and open stuff from nmap? How does that work? I have a firewall, but when I scan I have open ports. How can I make them filtered? And if I make them filtered, can I use them like normal??!?!?!?!

Thank you for help :)))

Tom