Firewall?



rubic_cube
03-24-2005, 09:43 AM
Is there a firewall in Knoppix installed by default? If so, where can I take a look at it, and if not, where can I get one such as ZA that doesn't require manual entry of ACL lists?

Thanks

Dave_Bechtel
03-25-2005, 06:48 AM
--If you're installed to HD, 'apt-get install firestarter' is what I'd recommend. There's some kind of goofy firewall involving a dog somehow on the live CD, but IIRC it's _caused_ more problems than it has solved.

--Myself, I use a home-brewed iptables script, but I've run into some bugs with it recently after switching to broadband.

andrei
03-25-2005, 01:14 PM
If all you want to do is browse the net safely, you can use this mini-script:

In /home/knoppix, create a file called "blockall" and place the following script inside it:

#!/bin/sh
# Flush the existing rules in the filter table
iptables -F
# Accept anything whose source address is localhost
iptables -A INPUT -p all -s 127.0.0.1 -j ACCEPT
# Drop new inbound TCP connection attempts (SYN); UDP and ICMP are untouched
iptables -A INPUT -p tcp --syn -j DROP

(Note: this is the edited and corrected version of the script.)

Then run the following commands:

chmod +x blockall
sudo ./blockall

And that's it. All your ports are closed; you cannot run any server, but you can surf safely.

To reopen everything (to stop this script), simply execute:

iptables -F


HTH
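
The blockall script above only drops new inbound TCP connections (the --syn match): UDP and ICMP are left alone, and loopback is matched by source address rather than by interface, so a packet from the wire that spoofs 127.0.0.1 is accepted. As an added example, not code from this thread or from Knoppix, here is the ruleset a practitioner would use for the same "just browse" goal: a default-deny INPUT policy, connection tracking so replies to your own connections get in, loopback matched on the lo interface, and rate-limited logging of what gets dropped, all emitted in iptables-restore format so it loads atomically. The interface name, port list, "FW-DROP: " prefix and the show/apply/reset arguments are this example's own conventions; on the 2.4/2.6 kernels of the era, "-m state --state" is the equivalent of "-m conntrack --ctstate".

```shell
#!/bin/sh
# Added example, not from the thread: a stateful default-deny host
# firewall emitted in iptables-restore format.  Unlike the SYN-drop
# script it also covers UDP, ICMP and malformed packets, matches
# loopback by interface, and logs (rate-limited) what it drops.
# Interface name, port list, log prefix and the show/apply/reset
# arguments are this example's own conventions.
set -eu

# build_ruleset IFACE [TCP_PORT ...]
# Print a complete iptables-restore ruleset.  With no ports the box
# accepts nothing new from the network (the "just browse" case);
# replies to connections we opened still get in via conntrack.
build_ruleset() {
    iface="$1"
    shift
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT
EOF
    for port in "$@"; do
        printf -- '-A INPUT -i %s -p tcp --dport %s -m conntrack --ctstate NEW -j ACCEPT\n' \
            "$iface" "$port"
    done
    cat <<EOF
-A INPUT -m limit --limit 10/min -j LOG --log-prefix "FW-DROP: " --log-level 4
COMMIT
EOF
}

# count_port_rules: number of per-port ACCEPT rules in a ruleset read on stdin
count_port_rules() {
    grep -c -- '--dport' || true
}

usage() {
    echo "usage: $0 show|apply IFACE [TCP_PORT ...]  |  $0 reset" >&2
    exit 2
}

case "${1:-}" in
    show)  shift; [ $# -ge 1 ] || usage; build_ruleset "$@" ;;
    apply) shift; [ $# -ge 1 ] || usage; build_ruleset "$@" | iptables-restore ;;
    reset) # "iptables -F" alone keeps the DROP policy and locks you out,
           # so reset the policies before flushing
           iptables -P INPUT ACCEPT; iptables -P FORWARD ACCEPT; iptables -F ;;
    "")    ;;   # run or sourced without arguments: only define the functions
    *)     usage ;;
esac
```

Inspect the rules with "sh fw.sh show eth0" (add ports such as "22" if you do run a server), load them with "sudo sh fw.sh apply eth0", and check from another host with nmap, scanning UDP as well as TCP (nmap -sS -sU). Two caveats: ip6tables needs its own ruleset, and once the INPUT policy is DROP a plain "iptables -F" does not reopen the box, which is why the reset branch sets the policies back to ACCEPT first.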

Dave_Bechtel
03-25-2005, 07:01 PM
--Have you tried nmap-ing a box running that script? There's no DROP rule...


If all you want to do is browse the net safely, you can use this mini-script:

In /home/knoppix, create a file called "blockall" and place the following script inside it:

#!/bin/sh
iptables -F
iptables -A INPUT -p all -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p

Then run the following commands:

chmod +x blockall
sudo ./blockall

And that's it. All your ports are closed; you cannot run any server, but you can surf safely.

To reopen everything (to stop this script), simply execute:

iptables -F

HTH

rubic_cube
03-25-2005, 09:28 PM
It's OK; I'll just play around with iptables some more.

andrei
03-25-2005, 10:32 PM
--Have you tried nmap-ing a box running that script? There's no DROP rule...

You are absolutely correct. I am sorry about being sloppy. I edited and corrected the script in my post above. Thanks for pointing this out to everybody.

rubic_cube
03-28-2005, 09:16 PM
Whenever I try to use the log command, nothing happens.

The general iptables -A INPUT -j LOG to log all incoming packets does not generate anything in the syslog file. What do I need to do?

andrei
03-31-2005, 02:16 PM
Whenever I try to use the log command, nothing happens.

The general iptables -A INPUT -j LOG to log all incoming packets does not generate anything in the syslog file. What do I need to do?

It is my understanding that this script does not allow for any logging. If you want to see how it works, you need to nmap it or use an online port scanner.

rubic_cube
03-31-2005, 04:38 PM
The code logs everything; I can read the log only by doing dmesg syslog, and I can see everything that has been logged. The weird thing is, if I try to open syslog any other way it says 0 bytes, so it's empty.
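
The behaviour in the last two posts has a simple cause: the iptables LOG target writes to the kernel log, so its lines always show up in dmesg, but they only reach /var/log/syslog (or /var/log/kern.log on a Debian-style rsyslog setup) when klogd/syslogd or rsyslog is running to forward kernel messages, which is not a given on a live CD. Added here as an example, not code from the thread, is a small reader for those LOG lines that goes one step past the question: it counts drops per source and flags sources probing many distinct ports. The "FW-DROP: " prefix, the function names and the log lines themselves are constructed for this example (the addresses are documentation ranges), not captured from a real host.

```shell
#!/bin/sh
# Added example, not from the thread: where iptables LOG output goes and
# how to read it.  The LOG target writes to the kernel log, so the lines
# are in dmesg; they appear in /var/log/syslog (or kern.log) only when
# klogd/syslogd or rsyslog is running to forward kernel messages.  The
# log lines below are constructed for this example, not captured.
set -eu

# The rule that produces lines of this shape (the prefix is our own choice;
# the limit keeps a port scan from flooding the ring buffer):
#   iptables -A INPUT -m limit --limit 10/min -j LOG --log-prefix "FW-DROP: "
# Read them with:  dmesg | grep 'FW-DROP:'
SAMPLE_LOG='[  841.120334] FW-DROP: IN=eth0 OUT= MAC=00:0c:29:3e:5a:01:00:50:56:c0:00:08:08:00 SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=TCP SPT=43210 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
[  841.120401] FW-DROP: IN=eth0 OUT= MAC=00:0c:29:3e:5a:01:00:50:56:c0:00:08:08:00 SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=TCP SPT=43211 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0
[  842.003877] FW-DROP: IN=eth0 OUT= MAC=00:0c:29:3e:5a:01:00:50:56:c0:00:08:08:00 SRC=198.51.100.7 DST=192.0.2.10 LEN=78 TOS=0x00 PREC=0x00 TTL=60 ID=0 DF PROTO=UDP SPT=137 DPT=137 LEN=58
[  843.550210] FW-DROP: IN=eth0 OUT= MAC=00:0c:29:3e:5a:01:00:50:56:c0:00:08:08:00 SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=TCP SPT=43212 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0'

# drops_by_source: LOG lines on stdin -> "count source", busiest source first
drops_by_source() {
    awk '/FW-DROP:/ {
             for (i = 1; i <= NF; i++)
                 if ($i ~ /^SRC=/) n[substr($i, 5)]++
         }
         END { for (s in n) print n[s], s }' | sort -rn
}

# scan_suspects MIN: sources that hit at least MIN distinct proto/port
# pairs, a crude port-scan heuristic; prints "source count", sorted
scan_suspects() {
    awk -v min="$1" '
        /FW-DROP:/ {
            src = ""; dpt = ""; proto = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/)   src   = substr($i, 5)
                if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
                if ($i ~ /^PROTO=/) proto = substr($i, 7)
            }
            key = src SUBSEP proto "/" dpt
            if (src != "" && dpt != "" && !(key in seen)) {
                seen[key] = 1
                ports[src]++
            }
        }
        END { for (s in ports) if (ports[s] >= min) print s, ports[s] }' | sort
}

if [ "${1:-}" = "demo" ]; then
    printf '%s\n' "$SAMPLE_LOG" | drops_by_source
    printf '%s\n' "$SAMPLE_LOG" | scan_suspects 2
fi
```

On a live box replace the sample with "dmesg | grep 'FW-DROP:' | scan_suspects 5". If the lines are in dmesg but not in syslog, check with ps whether klogd/syslogd (or rsyslog) is running at all; that, not the iptables rule, is what decides whether the file gets written.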