February 12th, 2003, 12:57 AM
how do i secure my linux gatewy box which has ip-masq running on it?
hi, this is something that is probably easy to fix but im not really good with manually configuring firewalls, this computer doesnt have any sites or anything hosted on it and is just used as a router / gateway setup for my dialup internet at home, i'd just like to know how i can secure it from outside 'undesirable' connections and such, i did a security scan and the results were a little worrying, i used the sygate one by the way from a computer inside the network behind my unix box...
most of the ports were closed but did respond to the test which is supposedly bad, then i had my netbios port open (thats for samba to work properly), i did this test from a windoze box inside the lan so im wondering could it be picking up the netbios port on the LAN card?
anyway, where can i find some info or a good ruleset for this type of application?
February 12th, 2003, 01:51 AM
No, you shouldn't generally be seeing those things from the outside, no matter what you are running on your private network side.
You can create a pretty good generic firewall script from http://www.hideaway.net/iptables. Just give it a little basic info like your public and private interfaces and what services you want to allow, and it will give you a reasonably tight script. Of course, it can always use a little tweaking by hand to tighten things up a little more, and it is well commented to help you do that.
That's the script that my firewall script started from, although you would hardly recognize mine now.
Do what you want with the girl, but leave me alone!
February 12th, 2003, 02:13 AM
thanx problemchild for the link, exactly the type of thing i was looking for, nice and simple for someone newish to this and wanting to do too much at once (typical of me)
greens are on their way