Guarddog Firewall
just a hopefully simple question here,
im nmapping myself to check for some holes ans such and noticed logging into my box with ftp and ssh were simple, so i looked at my guarddog config and blocked both ftp and ssh and still when i use ftp to log into my system it connects?? shouldnt it refuse me?? i know guarddog is considered pussy in the Linux world but im still new to the iptables thing and needed something even if it is basic! |
Hey, I use Guarddog too, and think it's better than slapping some buggy iptables script in til I can find time to learn it.
Which version are you using? Does it give the little output status window when you apply the new rules? Eg: Using iptables. Resetting firewall rules. Loading kernel modules Setting kernel parameters. Configuring firewall rules. Finished. Sure you're not changing the rules for the wrong zone, eg changing Internet access but logging in via Local/LAN? :) |
i dont know what version. im not at my box. i know its the newest version cause i got it last night!! ya when i make changes it says iptables updated and all that, you think guarddog is better than a real script?? huh, maybe ill stick with guarddog then!!!! i know it works good cuase i went to that website that scans your ports and all and the only one that came up was stmp and the rest were marked stealth!!!! ya baby!!!, anyways ill try what you said. thanks!!!
|
Well can you remember if you got a prepacked .rpm, or compiled from the 2.0.0 source, or the development 2.1.3 maybe? :)
If you open your /etc/rc.firewall in a text editor (as root, and I'd be careful not to execute it instead) you can see the commented script which generates the rules. It is generating quite a good ruleset, and with such an easy gui it's great til you learn exactly which rules you need to write. I'd just be certain to check that ftp thing though. I think I'll go hunt an Mdk9.1 rpm of 2.1.3 now actually, Guarddog rules :cool: |
It must have been source.. i had to do ./configure, make, make install, to get it to work and it was in tar.gz format. and ya i have the regular 2.0 version.
|
Well I resorted to trying to compile 2.1.3 and when making it couldnt find /usr/lib/libfam.la but my system does have a /usr/lib/libfam.so.0
I'll wait for at least 2.1.0 mdk9.1 rpms :) |
so dou you know why it wont block my smtp port, i have it blocked
in the options but when i iuse the shields up website to scan me it says its still wide open!!! everything else blocks, telnet..ftp..etc. |
If you read through the rc.firewall script, in the iptables bit, there is:
Quote:
Edit: You said SMTP, not ICMP :o Still might be something in there... So is it now blocking ftp when previously it wasnt? :confused: |
umm, no i guess ftp is still giving access, i just ftp'd myself and i connected, how do i refuse connection to that?? i got telnet refusing but ya ill check my .rc file and se what it looks like, even though i wouldnt really know how to modify it, im still new and the hardest things ive done so far was compiling mplayer and wine, well getting wine to work!!! it was easy to install so ya im really into internet security and basically want my system to be real hard to break into, and one more thing, does guraddog update their product weekly,monthly,yearly, etc..
|
Quote:
I dunno how to modify it either atm. From browsing their site, there seems to be a lot of effort focused on testing and debugging the new Development version 2.1.3, while the official stable release seems to be held at 2.0.0. Maybe try 2.1.1 for newer release vs stability and security. Quote:
|
All times are GMT -5. The time now is 08:55 AM. |