[NTLUG:Discuss] firewall rules (long)
David Stokes
david_stokes at yahoo.com
Tue Sep 7 08:21:51 CDT 1999
--- Kelly Scroggins <kelly at cliffhanger.com> wrote:
> I've been trying to set firewall rules. I've not had any success. I've
> used the examples given in the "Linux Network Toolkit" and the "Firewall
> HOWTO". (Listed at the bottom of this message.)
>
> When these rules are implemented, and not working properly, I try to
> reverse (flush) them with the flush commands but only a reboot sets things
> straight. ?
>
> Does anyone have any suggestions as to what I may be missing?
You'd be better served by going to ipchains as it is a little more
straightforward in setup and is more efficient. Grab a copy of the
prebuilt scripts from http://nerdherd.org/ipchains and plug in your IP.
> And how much protection does the "ALL:ALL" setting in the
> /etc/hosts.deny file provide?
I would suggest that you first block access with ipchains because it
stops the unwanted packets much lower 'in the stack' and then use
tcpwrappers mainly as a logging tool. The 'ALL:ALL' does work but
then you have to start letting packets in by the hosts.allow file. If
you do protect your system this way be sure to test the rules to make
sure you know the settings are 100% the way you want them. It's more
efficient to toss the bad packets away at kernel level and safer too.
===
-David Stokes-
david_stokes at yahoo.com
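
Added example, not part of the original message: a small Python model of the hosts.allow / hosts.deny lookup order, for checking what a default-deny `ALL: ALL` policy does before relying on it. It covers only a subset of hosts_access(5) client patterns (ALL, leading-dot hostname suffix, trailing-dot address prefix, IPv4 net/mask, exact match); the sample rules, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample policy: deny everything, then open specific holes.
HOSTS_ALLOW = """\
# daemon_list : client_list
sshd: 192.0.2.
in.ftpd: 198.51.100.0/255.255.255.0
ALL: .example.org
"""
HOSTS_DENY = "ALL: ALL\n"

def parse(text):
    """Return [(daemons, clients)] from 'daemon_list : client_list' lines."""
    rules = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        if line.lstrip().startswith("#") or len(fields) < 2:
            continue  # comment, blank or malformed line
        daemons, clients = (f.replace(",", " ").split() for f in fields[:2])
        rules.append((daemons, clients))
    return rules

def client_matches(pattern, addr, host):
    if pattern == "ALL":
        return True
    if pattern.startswith("."):   # hostname suffix, e.g. .example.org
        return host is not None and host.lower().endswith(pattern.lower())
    if pattern.endswith("."):     # address prefix, e.g. 192.0.2.
        return addr.startswith(pattern)
    if "/" in pattern:            # net/mask pair
        net = ipaddress.ip_network(pattern, strict=False)
        return ipaddress.ip_address(addr) in net
    return pattern in (addr, host)

def rule_hits(rules, daemon, addr, host):
    return any(
        any(d in ("ALL", daemon) for d in daemons)
        and any(client_matches(c, addr, host) for c in clients)
        for daemons, clients in rules)

def decide(daemon, addr, host=None, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """hosts.allow is searched first, then hosts.deny; no match means allow."""
    if rule_hits(parse(allow), daemon, addr, host):
        return "allow"
    return "deny" if rule_hits(parse(deny), daemon, addr, host) else "allow"

if __name__ == "__main__":
    for d, a in [("sshd", "192.0.2.10"), ("sshd", "203.0.113.5")]:
        print(d, a, decide(d, a))
```

Only services started through tcpd or linked against libwrap consult these files, so this models the tcpwrappers layer alone and not the ipchains packet filter beneath it.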