Firewall?

**rubic_cube** · 03-24-2005, 09:43 AM

Is there a firewall in knoppix installed by default? if so where can I take a look at it and if not where can I get one such as ZA that doesn't require manual entry of ACL lists?

Thanks

**Dave_Bechtel** · 03-25-2005, 06:48 AM

--If you're installed to HD, ' apt-get install firestarter ' is what I'd recommend. There's some kind of goofy firewall involving a dog somehow on the live-cd, but IIRC it's _caused_ more problems than it has solved.

--Myself, I use a home-brewed iptables script; but I've run into some bugs with it recently after switching to broadband.

Originally Posted by rubic_cube

Is there a firewall in knoppix installed by default? if so where can I take a look at it and if not where can I get one such as ZA that doesn't require manual entry of ACL lists?

Thanks

**andrei** · 03-25-2005, 01:14 PM

if all you want to do is browse the net safely you can use this mini-script:

in /home/knoppix create a file called "blockall" and place the following script inside it:

#!/bin/sh
iptables -F
iptables -A INPUT -p all -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --syn -j DROP

(==>>note: this is the edited & corrected version of the script! <<==)

then run the following commands:

chmod +x blockall
sudo ./blockall

and that's it. All your ports are closed, you cannot run any server, but you can surf safely.

to reopen everything (to stop this script) simply execute:

iptables -F

HTH

**Dave_Bechtel** · 03-25-2005, 07:01 PM

--Have you tried ' nmap'ping a box running that script? There's no DROP rule...

Originally Posted by andrei

if all you want to do is browse the net safely you can use this mini-script:

in /home/knoppix create a file called "blockall" and place the following script inside it:

#!/bin/sh
iptables -F
iptables -A INPUT -p all -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p

then run the following commands:

chmod +x blockall
sudo ./blockall

and that's it. All your ports are closed, you cannot run any server, but you can surf safely.

to reopen everything (to stop this script) simply execute:

iptables -F

HTH

**rubic_cube** · 03-25-2005, 09:28 PM

It's ok I'll just play around with iptables some more.

**andrei** · 03-25-2005, 10:32 PM

Originally Posted by Dave_Bechtel

--Have you tried ' nmap'ping a box running that script? There's no DROP rule...

you are absolutely correct. I am sorry about being sloppy. I edited and correted the script in my post above. thanks for pointing this out to everybody

**rubic_cube** · 03-28-2005, 09:16 PM

Whenever I try and use the log command nothing happens.

The general iptables -A INPUT -j LOG to log all incoming packets does not generate anything in the syslog file, what do I need to do?

**andrei** · 03-31-2005, 02:16 PM

Originally Posted by rubic_cube

Whenever I try and use the log command nothing happens.

The general iptables -A INPUT -j LOG to log all incoming packets does not generate anything in the syslog file, what do I need to do?

it is my understanding that this script does not allow for any logging. if you want to see how it works, you need to nmap it, or use an online port scanner.

**rubic_cube** · 03-31-2005, 04:38 PM

The code logs everything, I can read the log only by doing dmesg syslog, and I can see everything that has been logged, the weird thing is if I try to open syslog any other way it says 0 bytes, so it's empty.

Thread: Firewall?

Thread Tools

Search Thread

Display

Firewall?

Re: Firewall?

Similar Threads

firewall??

Guarddog-Firewall

Firewall

firewall

Firewall

Posting Permissions