Re: [fw-wiz] Securing a Linux Firewall

From: Brian Hatch (firewall-wizards@ifokr.org)
Date: 07/23/02


From: Brian Hatch <firewall-wizards@ifokr.org>
To: Marc DVer <mdver@whiteeagletox.com>
Date: Tue Jul 23 13:50:02 2002



> I have a computer set up for the exclusive use as a gateway/firewall running
> IPChains. I would like to know if I can safely shut down the rpc.statd
> service. According to the man page, "It is used by the NFS file locking
> service, rpc.lockd, to implement lock recovery when the NFS server machine
> crashes and reboots." Since I am not using NFS (or at least I believe I am
> not; the firewall is the only *nix computer on the network, and isn't used
> for file sharing) can I safely turn this off? I have read that turning off
> unneeded services is needed to secure a Linux box, which is doubly a concern
> with a firewall.

Can? Yes. Should? Definitely. Post-haste. Shut
it and everything else down. When you're done, you
should have no network services except SSH available
(both TCP and UDP - check both). And even SSH should
be allowed (via your ipchains rules) only from a
few administrative hosts.

However you may find using a 2.4 kernel will offer you a
much more robust firewall/filtering mechanism using
iptables (netfilter) instead of ipchains.

--
Brian Hatch                  FATAL ERROR:
   Systems and                x86 architecture found.
   Security Engineer
www.hackinglinuxexposed.com
Every message PGP signed
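
The "check both TCP and UDP" step from the reply above, as an added example that is not part of the original message: a filter over `netstat -tuln` output that reports every listener other than sshd. The function names, the assumption that sshd is on port 22, and the sample output (ports 111 and 1024 standing in for portmap and rpc.statd) are constructed for illustration.

```shell
#!/bin/sh
# Added example: list every listening socket except sshd on TCP/22.
# Reads `netstat -tuln` output (net-tools) on stdin.

SSH_PORT=22   # assumption: sshd listens on its default port

unexpected_listeners() {
    awk -v ssh="$SSH_PORT" '
        $1 ~ /^(tcp|udp)/ {
            proto = $1; sub(/6$/, "", proto)        # tcp6 -> tcp, udp6 -> udp
            if (proto == "tcp" && $6 != "LISTEN") next
            port = $4; sub(/^.*:/, "", port)        # text after the last colon
            if (proto == "tcp" && port == ssh) next # the one permitted service
            print proto "/" port " on " $4          # any UDP listener is reported
        }'
}

# Exit status 0 only when nothing but SSH is listening.
audit_listeners() {
    found=$(unexpected_listeners)
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

# Constructed sample of `netstat -tuln` on a box with RPC services still up.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:1024            0.0.0.0:*               LISTEN
udp        0      0 0.0.0.0:111             0.0.0.0:*
udp        0      0 0.0.0.0:1024            0.0.0.0:*
tcp6       0      0 :::22                   :::*                    LISTEN
EOF
}

sample_netstat | audit_listeners || echo "services other than SSH are still listening"
# On the firewall itself: netstat -tuln | audit_listeners
```

This only shows what the host is listening on; whether SSH is reachable from just the administrative hosts depends on the ipchains rules and is best confirmed from another machine.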



