April 19th, 2002, 04:53 PM
ip chains for linux
Does anybody know how to install ip chains on linux. If you know of a site that tell how to explictly, i would like to know. Or if you know yourself holla at me and explain it step by step. I have verson 2.4.7-10 and I am running in KDE. [blur]Please help![/blur]
April 19th, 2002, 06:01 PM
ip chains vs iptables
SInce you are running the 2.4 kernel, you might want to think about using iptables. A stateful firewall is a really nice thing to have running (which is a happy benefit of using iptables.) The best general-information / HowTo sites that I've found for this are:
There are also tons of example scripts out there, just make sure you're careful about understanding why these samples are written the way they are. (Some of them are well documented, so that helps the learning curve a lot.)
April 19th, 2002, 09:44 PM
36_chambers, you might want to read up on netfilter (iptables) as was suggested. IIRC, it's included in the 2.4.x kernel, and it should be there by default. Check for /usr/sbin/iptables or /sbin/iptables depending on your distribution. If it's not there, go to http://netfilter.samba.org/ and read the documentation there...
Ipchains is effective as a packet filter, but some of the functionality that Netfilter offers is far superior to ipchains (such as true Source and Destination NAT, rate limiting, Stateful inspection).
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?
April 19th, 2002, 11:05 PM
i didn't think anyone really used ip chains anymore....iptables is kind of taking over.
personally i use snort...it's an intrusion detection software, you can get it at http://www.snort.org/. you can get rulesets from just about anywhere, i suggest getting a new one at least once a week.
snort is also fun if you just want to see all the crap coming into your machine.
U suk at teh intuhnet1!!1!1one