Re: security newbie - /var/log/messages scans

From: David (thunderbolt01@netscape.net)
Date: 06/03/02


From: David <thunderbolt01@netscape.net>
Date: Mon, 03 Jun 2002 00:41:34 GMT

tux lover wrote:
> this is my ipchains script:
> http://www.redhat.com/support/resources/tips/firewall/firewallservice.html
>
[snip]
>
> not that i can see.
>

Ok. The catch all rule for the output side of that firewall is rule #6,
but not rule #6 for the firewall if you haven't made any changes.

As root run the following to see what it shows.

ipchains -L output
OR:
ipchains -L output --line-numbers

-- 
   Confucius:  He who play in root, eventually kill tree.
Registered with the Linux Counter.  http://counter.li.org



Relevant Pages

  • Re: IPChains
    ... Dans sa prose, Dan Evans nous ecrivait: ... > An unusual problem with IPChains. ... > goes through the firewall OK, with it turned off, all traffic is ...
    (comp.os.linux.networking)
  • Re: iptables firewall script for linux
    ... "ipchains: Incompatible with this kernel". ... port is shown as LISTENING. ... What's wrong with reading the HOWTOs? ... included for their basic firewall concepts. ...
    (comp.security.firewalls)
  • Re: I like SNORT but I need a Firewall as well (GUI for IPChains/Tables))
    ... >> I have Ipchains and Tables on my RH 7.2 box but I wanted something more. ... but when I did another install I installed Plesk Control panel ... > You can write a firewall script using any text editor. ... > use an editor though fwbuilder is quite nice. ...
    (comp.os.linux.security)
  • Re: I like SNORT but I need a Firewall as well (GUI for IPChains/Tables))
    ... >> I have Ipchains and Tables on my RH 7.2 box but I wanted something more. ... but when I did another install I installed Plesk Control panel ... > You can write a firewall script using any text editor. ... > use an editor though fwbuilder is quite nice. ...
    (comp.security.firewalls)
  • Re: lighting---hacked!
    ... no firewall will protect a web server if the web server ... OP's "focus on ipchains is mis-directed" - I was disagreeing with you ... > One should not rely upon IPCHAINS to protect an insecure sshd daemon. ... > firewall a server is to create a protected DMZ BEHIND a pure ...
    (comp.os.linux.security)