while on the topic of firewalls.... i just finished configuring my first one
(well my first successful attempt anyway) with caldera open linux 2.3
(e-server release) - it only took four days straight and about 200 pages in
printed-out HOWTO's to do it =)
my question is - what is the best way to test that the firewall is secure? i
configured mine using ipchains (also doing masquerading for my internal lan,
which is set up as a 192.168.x.x network - my external interface is an isdn
connection at work). i had been reading about the prog SAINT, but it seems
that must be run from another linux box, as a remote admin sort of tool. the
linux firewall box is the only linux box on the network at my job - all others
are NT servers and win98 workstations. i also tried the port scanner at
www.hackerwhacker.com, but that only scans 11 ports (5 of which it says i have
open, though it won't elaborate without $$$). any other programs anyone could
recommend for firewall testing?
also... with an ipchains packet filter in place, how important is it that
certain ports are left open? i've turned off everything i don't need from
inetd.conf, and removed unnecessary services from my rc3.d. what other methods
are there to close ports - must i put ipchains rules in regarding specific
ports? (my firewall script is currently very general, referring only to the
ability of external traffic to traverse past eth0 onto my local lan - no ports
specified).
all in all it's been a learning experience! i didn't use any of the firewall
rule tools, just hand coded everything with the help of many web sites and
howto's. any highly recommended firewall rule creation tools out there?
thanks =)
shelly
