Re: SuSeFirewall config

From: Paranoid about Spam (please_at_dont.spam.me)
Date: 07/10/04


Date: Sat, 10 Jul 2004 12:28:40 GMT

Oh yeah... And I'm running SuSe 9.1

I'll give you a for instance here, since I just noticed it. In the last
hour, I've had 22 failed login attempts trying to attach to mysql. I
need to block that port!

Paranoid about Spam wrote:
> Sorry, I should have provided more information.
>
> Yes, I do have a good reason for running a dns server :) It's for my
> small business, and we run our own dns.
>
> The remainder of the firewall seems to work ok. http and https
> connections work fine.
>
> I've tested by running nslookup from my home pc with our dns server set
> as the server.
>
> With the firewall started, I cannot get a response. With the firewall
> stopped, I get responses just fine.
>
> I'm not trying to use the firewall to protect a network, just as an
> additional layer of security on the server itself. I want to block all
> requests on ports that I'm not actively using.
>
> I cannot telnet or ssh into port 53 from home regardless. I seem to be
> able to from localhost, but I don't get any info from the session.
>
>
> houghi wrote:
>
>> Paranoid about Spam wrote:
>>
>>> I've tried to set the firewall up for my server, but I'm having
>>> problems.
>>>
>>> I'm using yast to config the firewall.
>>>
>>> I tried to set up dns service by entering "domain" as an additional
>>> service. DNS requests are still blocked. I've also tried entering
>>> the number 53, but that doesn't work either.
>>>
>>> Am I confused about the port that dns runs on, or do I have to do an
>>> extra configuration for high numbered UDP ports or something like that?
>>
>>
>>
>> Do you have a fixed IP? If not, there is no reason you should be running
>> a DNS server. The firewall goes from out to in. What are you trying to
>> do exactly?
>>
>> You are confusing two problems here. 1 is the firewall, the other is
>> running a DNS server. Start with the first thing. Can you reach port 22
>> if you open it (assuming you have ssh running)?
>>
>> If that works, run ssh on port 53 and try again on that port. If that
>> works, there is no problem with the firewall. If that does not work, we
>> can investigate further.
>>
>> So first step one. Does the rest of your firewall work or not and how do
>> you test it?
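
Added example, not part of the original thread: DNS answers ordinary lookups over UDP port 53 and also uses TCP port 53, so a server-side allow list has to be checked per protocol. The sketch below audits a SuSEfirewall2 sysconfig file against the ports the poster describes; the `FW_SERVICES_EXT_TCP` / `FW_SERVICES_EXT_UDP` variable names, the `lo:hi` range syntax and the sample file contents are assumptions, not taken from the poster's machine.

```python
import re

# Port numbers from /etc/services for the services named in this thread.
SERVICE_PORTS = {"domain": 53, "ssh": 22, "http": 80, "https": 443, "mysql": 3306}

# Constructed sample of /etc/sysconfig/SuSEfirewall2 (not the poster's file).
SAMPLE = """\
# services reachable from the external zone
FW_SERVICES_EXT_TCP="http https domain mysql"
FW_SERVICES_EXT_UDP=""
"""

# Desired exposure: web and DNS reachable from outside, mysql not.
WANTED = {("tcp", 53): True, ("udp", 53): True, ("tcp", 80): True,
          ("tcp", 443): True, ("tcp", 3306): False}

def parse_sysconfig(text):
    """Return {VARIABLE: value} for KEY="value" lines, skipping comments."""
    settings = {}
    for line in text.splitlines():
        m = re.match(r'\s*([A-Z0-9_]+)=(["\']?)(.*?)\2\s*(?:#.*)?$', line)
        if m:
            settings[m.group(1)] = m.group(3)
    return settings

def open_ports(value):
    """Expand a space-separated list of service names, numbers and lo:hi ranges."""
    ports = set()
    for token in value.split():
        if token in SERVICE_PORTS:
            ports.add(SERVICE_PORTS[token])
        elif re.fullmatch(r"\d+", token):
            ports.add(int(token))
        elif re.fullmatch(r"\d+:\d+", token):
            lo, hi = map(int, token.split(":"))
            ports.update(range(lo, hi + 1))
        else:
            raise ValueError(f"unknown service name: {token}")
    return ports

def audit(text, wanted):
    """Compare the configured external ports with the wanted exposure."""
    cfg = parse_sysconfig(text)
    findings = []
    for (proto, port), should_open in sorted(wanted.items()):
        allowed = open_ports(cfg.get(f"FW_SERVICES_EXT_{proto.upper()}", ""))
        actual = "open" if port in allowed else "blocked"
        expected = "open" if should_open else "blocked"
        if actual != expected:
            findings.append(f"{proto}/{port} is {actual}, expected {expected}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE, WANTED)) or "configuration matches")
```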


