A port scanner at grc.com showed me that my SMTP, HTTP server and identification ports are open to the internet!!!
I wonder why, as presently I use my Linux computer only for Internet browsing. I do not use any mail programs, and I installed no http server or such.
I only installed a local DNS caching system (named).
I decided to use ipchains to protect myself. I studied the ipchains how-to and found that the first sample configuration could be easily tailored to my needs.
When I tried it, however, it made the internet unavailable for me.
I found that the problem may be related to the $LOCALIP keyword used in the samples to identify my dynamic IP address. It seems that my SuSE system does not recognize it, as it complains of unidentifiable service. When I use the actual IP address, it's OK. But I cannot tell what will be my IP address the next time I connect to my ISP.
Can you help me to overcome the above problem, or give me a working ipchains configuration for the following system and needs:
SuSE Linux 6.4 Eval, KDE, Netscape, modem connection to ISP with dynamic IP address, IP address caching, no mail, no ftp, no anything just browsing.
As you can't guarantee what port your incoming connections will be coming in on (you send your request to port 80 for http, yet packets will come back to your machine destined for some high numbered port - hence you don't want to go blocking these!!), you really only want to close the port you know things will be running on. Have a look at the output at the top of
I would still prefer to use the sample firewall commands described in the how-to.
I suppose that they might easily be made to work (if I get a little help).
So, could you please tell me why this command:
#ipchains -A input -p UDP -s 188.8.131.52 -d $LOCALIP dns -j ACCEPT
results in the following error message:
ipchains: host/network 'dns' not found
When I use the actual (dynamic) IP address got from my ISP instead of $LOCALIP, as follows:
#ipchains -A input -p UDP -s 184.108.40.206 -d 220.127.116.11 dns -j ACCEPT
it also results in an error message, but a different one:
ipchains: invalid port/service 'dns' specified
'I allow UDP packets in for DNS (I run a caching nameserver which forwards all requests to 18.104.22.168, so I expect DNS replies from them only), incoming ftp, and return ftp-data only (which should only be going to a port above 1023, and not the X11 ports around 6000).'
As a newbie, how could I know what that 'dns' means in this example? I thought it is something like an 'environment variable' of the system that is automatically created and updated when I set up a local, caching name server.
Based on my experiences with Linux and M$ programs, I find that usually they both have extensive documentation, only they should be used in a different way:
- in M$ programs: try the examples, understand how they work and tailor them to your needs
- in Linux: try the examples, understand why they do not work, then tailor them to your needs.
I am browsing my system files now, and in rc.config I was faced with the fact that I actually run a server on my machine. Not quite unintentionally, as I intended to run a server on Localhost, for later testing purposes of mysql + php. But my original intention was that it should be operable only for Localhost, and not for the whole Internet whilst keeping three ports totally open to the Internet when I am browsing.
Actually, in rc.config I switched off the httpd service (and also found out how to start named at start-up), but I still have port 113 being always open.
Can you tell me how to close port 113 (which service shall be disabled and where) and also the drawback of doing so?
Still want to install a firewall by ipchains (I would prefer stealthing my ports instead of closing them), if once I find out what that 'dns' means in the sample configuration.
I tried PMFirewall but it made the Internet unavailable, although I installed it to my best knowledge (which is, however, very limited).
I run it at start-up time, but it made strange strings:
It gave the Forward chain a policy of Deny, and no other rules (this may have caused the Internet access failure).
It gave the Output chain a policy of Accept, and filled it with Accept rules only (this is another thing I could not understand).
Finally I dropped PMFirewall.
So, my questions are still relevant (and simple):
- Could someone give me a sample configuration of ipchains that allows browsing the internet, local nameserver, dynamic IP address from ISP, but otherwise protects the machine from possible attacks?
- Can anyone tell me what that 'dns' means in the sample configuration in the ipchains howto (which is possibly not understood by my system)?
Thank you in advance.
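
The two error messages quoted in the thread can be reproduced without touching a firewall. The following is an added example, not part of the original posts or the ipchains HOWTO: it shows that an unset `$LOCALIP` leaves `dns` as the argument of `-d`, that `dns` is not a name in the services file while `domain` is, and it prints the rule only when both values resolve. The function names, the 192.0.2.x and 198.51.100.x addresses, and the embedded `/etc/services` and `ifconfig` excerpts are constructed for illustration.

```shell
#!/bin/sh
# Added example (dry run): prints the rule, never calls ipchains.
# All addresses and both sample excerpts below are constructed.
SERVICES_SAMPLE='domain          53/tcp
domain          53/udp
auth            113/tcp         authentication tap ident'
IFCONFIG_SAMPLE='ppp0      Link encap:Point-to-Point Protocol
          inet addr:198.51.100.45  P-t-P:198.51.100.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1'

# Port for a service name or alias; prints nothing when the name is unknown.
service_port() {   # usage: service_port NAME PROTO
    printf '%s\n' "$SERVICES_SAMPLE" | awk -v n="$1" -v p="$2" '
        { split($2, a, "/"); if (a[2] != p) next
          for (i = 1; i <= NF; i++) if (i != 2 && $i == n) { print a[1]; exit } }'
}

# The word ipchains receives after -d once the shell has expanded $LOCALIP.
word_after_d() {
    LOCALIP=$1
    set -- -A input -p UDP -s 192.0.2.53 -d $LOCALIP dns -j ACCEPT  # unquoted, as in the thread
    while [ $# -gt 1 ]; do
        if [ "$1" = "-d" ]; then echo "$2"; return 0; fi
        shift
    done
    return 1
}

# First IPv4 address in `ifconfig` output on stdin ("inet addr:A.B.C.D" or "inet A.B.C.D").
ip_from_ifconfig() {
    sed -n 's/^[[:space:]]*inet \(addr:\)\{0,1\}\([0-9][0-9.]*\).*/\2/p' | head -n 1
}

# Build the HOWTO-style rule; refuse an empty address or an unknown service name.
dns_rule() {   # usage: dns_rule DNS_SERVER LOCAL_IP SERVICE
    port=$(service_port "$3" udp)
    [ -n "$2" ]    || { echo "LOCALIP is empty: set it once the link is up" >&2; return 1; }
    [ -n "$port" ] || { echo "no udp service named '$3'" >&2; return 1; }
    echo "ipchains -A input -p UDP -s $1 -d $2 $port -j ACCEPT"
}

echo "after -d with LOCALIP unset: $(word_after_d '')"
LOCALIP=$(printf '%s\n' "$IFCONFIG_SAMPLE" | ip_from_ifconfig)
dns_rule 192.0.2.53 "$LOCALIP" domain
```

On a dial-up link, pppd passes the assigned local address to `/etc/ppp/ip-up` as its fourth argument, so a firewall script started from there can set `LOCALIP` from that value instead of parsing `ifconfig`.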