Re: [SLE] Tighten SuSEfirewall2
From: qrn_Hansen?= (orn.hansen_at_swipnet.se)
Date: 10/06/03
- Previous message: Buck: "[SLE] "How-To" help file"
- In reply to: Paul Trevethan: "[SLE] Tighten SuSEfirewall2"
- Next in thread: Togan Muftuoglu: "Re: [SLE] Tighten SuSEfirewall2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: suse-linux-e@suse.com Date: Mon, 6 Oct 2003 19:29:09 +0200
If you are using ADSL/DSL then you are using an ethernet device, irrespective
of weather the authendication is done using PPPoE or PPPoA. The DSL modem,
is connected to an ethernet card on your computer, and it's this ethernet
card that should be the external device. IF you have another ethernet card
on your Linux box, and are using the Linux as a gateway or router box, then
that ethernet device that is connected to your intranet, is the internal
device.
Anyways, you can also simply do all that is needed and connect ... then do a
ifconfig to see which devices exist, and check what route is to the internet
with the route command.
Hope that helps,
On Monday 06 October 2003 18:58, Paul Trevethan wrote:
> Hi Folks,
>
> I would appreciate some assistance with setting up SuSEfirewall2 please.
> My setup is:
>
> SuSE 8.2 with a Dlink 302G adsl modem connected to etho and an internal
> network running off eth1 to a 4 port switch. The network is a file
> backup/games box running WinME and an occasional laptop that transfers
> files. The only machine needing internet is this primary box running
> SuSE. I am running pppoA protocol (ISP directive). I run no services
> outside the internal network.
>
> I setup the firewall following the prompts in Yast.
>
> The very first tab is confusing to me! The external interface
> description indicates I should use eth0 but the note at the bottom
> indicates ppp0. One quotes adsl, the other dsl? I don't know if that
> means me as I use pppoA over adsl connection? Could someone
> clarify/expand there please?
>
> When running, I test the firewall against www.grc.com 'Shields Up' and
> get the following results:
>
> "quote...
> GRC Port Authority Report created on UTC: 2003-10-06 at 16:38:15
>
> Results from scan of ports: 0, 21, 23, 25, 79, 80, 110, 113,
> 119, 135, 139, 143, 389, 443, 445,
> 1002, 1024-1030, 1720, 5000
>
> 0 Ports Open
> 10 Ports Closed
> 15 Ports Stealth
> ---------------------
> 25 Ports Tested
>
> NO PORTS were found to be OPEN.
>
> Ports found to be CLOSED were: 113, 1024, 1025, 1026, 1027,
> 1028, 1029, 1030, 1720, 5000
>
> Other than what is listed above, all ports are STEALTH.
>
> TruStealth: FAILED - NOT all tested ports were STEALTH,
> - NO unsolicited packets were received,
> - A PING REPLY (ICMP Echo) WAS RECEIVED.
> ...endquote"
>
> Can anyone explain to me how to stealth all ports to the internet, but
> not block traffic on my internal network with samba?
>
> I have read all the 'howtos' and 'man' pages and I still cannot figure
> it out. I am a novice at this stuff, my only exposure to firewalls was
> in 'pick & point' world.
>
> Any relevant guidance would be appreciated.
> Paul.
- application/pgp-signature attachment: signature
- Previous message: Buck: "[SLE] "How-To" help file"
- In reply to: Paul Trevethan: "[SLE] Tighten SuSEfirewall2"
- Next in thread: Togan Muftuoglu: "Re: [SLE] Tighten SuSEfirewall2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
