[TriLUG] iptables/ipchains (WAS: Security woes)
Jeff Bollinger
jeff01 at email.unc.edu
Wed Jan 16 11:52:47 EST 2002
On the same idea, anyone know of a good GUI interface to configure and
export an IPTables script?
Jeff
--
Jeff Bollinger
University of North Carolina
IT Security Analyst
105 Abernethy Hall
mailto: jeff_bollinger at unc.edu
On Wed, 16 Jan 2002, That One Guy wrote:
> The firewall that gets set up by default in RH is ipchains still, I believe.
> The default config files are in /etc/sysconfig. For ipchains it is
> /etc/sysconfig/ipchains and for iptables it is /etc/sysconfig/iptables.
> These files will not exist unless either you create them or have it done at
> install time.
>
> Generally, I don't edit these files. I have a firewall ruleset (just a shell
> script using iptables) somewhere else and edit that which is a little more
> readable. After editing the ruleset, I'll make that ruleset active by
> running the script.
>
> Once you have the ruleset active and like you want it, you can run
> "/etc/init.d/iptables save" OR "/etc/init.d/ipchains save" which will save
> your current active ruleset to the proper file in /etc/sysconfig.
>
> Hope this helps,
> TOG
>
> On Wednesday 16 January 2002 10:50 am, Ben Pitzer wrote:
> > Roy,
> >
> > On most Red Hat 7.x installs, the iptables were set up at the outset if
> > you chose high security during the install process. This means that you
> > can probably do anything you want going out, but coming back in,
> > fuggedaboutit. Look into your iptables config (I don't remember where
> > it's stored on RH boxes, offhand. Anybody?), and modify that. You'll
> > probably want to add a line at the top of the list to open the
> > appropriate ports, and I'm sure someone here, myself included, could
> > help you with that if you need it.
> >
> > Of course, I may be saying that to you only to find out that not only
> > did you check on it already, you checked some of the iptables sources
> > into CVS. Just the same, I hope this helps.
> >
> > Regards,
> > Ben Pitzer
> >
> > On Wed, 2002-01-16 at 08:50, Vestal, Roy L. wrote:
> > > RHL 7.2, 2.4.16 with Win4Lin support and ext3 patch.
> > >
> > > -----Original Message-----
> > > From: Ben Pitzer [mailto:uncleben at mindspring.com]
> > > Sent: Tuesday, January 15, 2002 10:09 PM
> > > To: trilug at trilug.org
> > > Subject: Re: [TriLUG] Security woes
> > >
> > >
> > > Roy,
> > >
> > > What distro/version are you running, and what kernel?
> > >
> > > On Tue, 2002-01-15 at 11:19, Vestal, Roy L. wrote:
> > > > I need to start being able to ssh telnet, ssh ftp, and vnc my box here
> > > > at work. However, when I try to telnet, ssh telnet, ftp, or ssh ftp, I
> > > > get "connection refused". I'm not sure where to start troubleshooting.
> > > >
> > > > > Also, I can VNC out, but not in. I'm assuming it's related. I do not
> > > > > have a firewall set up at this time.
> > > > _______________________________________________
> > > > TriLUG mailing list
> > > > http://www.trilug.org/mailman/listinfo/trilug
> > >
>
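
The workflow described in the quoted reply above (keep the ruleset as a readable shell script, run it, then save it with "/etc/init.d/iptables save"), as an added example that is not part of the original thread. The port list (22 for ssh, 5901 for VNC display :1), the IPT and ALLOW_TCP variables and the dry-run default are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not code from the thread.
# A firewall ruleset kept as a shell script, as the quoted reply describes.
#
# Assumptions (not from the thread):
#   IPT        defaults to "echo iptables" so the script only prints what it
#              would do; set IPT=/sbin/iptables and run as root to apply.
#   ALLOW_TCP  inbound TCP ports to open: 22 (ssh) and 5901 (VNC display :1).
IPT="${IPT:-echo iptables}"
ALLOW_TCP="${ALLOW_TCP:-22 5901}"

apply_ruleset() {
    # Start from an empty INPUT chain so re-running the script never stacks
    # duplicate rules on top of an older copy of the ruleset.
    $IPT -F INPUT

    # Loopback traffic and replies to connections this host opened.
    $IPT -A INPUT -i lo -j ACCEPT
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # One rule per allowed service; anything that is not a plain number is
    # skipped instead of being passed to iptables.
    for port in $ALLOW_TCP; do
        case "$port" in
            ''|*[!0-9]*)
                echo "skipping invalid port: $port" >&2
                continue ;;
        esac
        $IPT -A INPUT -p tcp --dport "$port" -m state --state NEW -j ACCEPT
    done

    # Default-deny goes last, so an ssh session used to run the script is
    # already covered by the ESTABLISHED rule when the policy changes.
    $IPT -P INPUT DROP
}

apply_ruleset

# Once the active ruleset behaves as intended, persist it as the reply says:
#   /etc/init.d/iptables save
```

Run with the default IPT, the script only prints the iptables commands, which makes the ruleset easy to review before it is applied and saved.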