Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I already read up on this. I am using the SME server as a gateway and private server only. I then have it connected to a workgroup switch.
I have all ports stealthed except for port 113, which is closed. I want it stealthed not closed. But I am having a hard time finding specific information on how to do this. So can anyone tell me how to do this with an SME server. I am using putty on a Vista machine to access the SME server, shell, etc.
I already read up on this. I am using the SME server as a gateway and private server only. I then have it connected to a workgroup switch.
I have all ports stealthed except for port 113, which is closed. I want it stealthed not closed. But I am having a hard time finding specific information on how to do this. So can anyone tell me how to do this with an SME server. I am using putty on a Vista machine to access the SME server, shell, etc.
Yikes! You've got quite a few user-built chains in there where port 113 packets could be getting sent to ACCEPT in. I can't really pinpoint the offending rule without going through those chains (state_chk, local_chk, PPPconn, and InboundTCP). My guess is the offending rule will be in InboundTCP, but no way to know for sure without seeing the contents.
Yikes! You've got quite a few user-built chains in there where port 113 packets could be getting sent to ACCEPT in. I can't really pinpoint the offending rule without going through those chains (state_chk, local_chk, PPPconn, and InboundTCP). My guess is the offending rule will be in InboundTCP, but no way to know for sure without seeing the contents.
I am new to SME server. I don't believe I did anything, might have. I will check it out.
But that's not a substitute for finding out why it's not stealthed currently.
I gave that a try. It works until the server is rebooted. I am not sure why but I will look into this and see if it is something I did or if something else is going on. Thanks for the help.
I gave that a try. It works until the server is rebooted.
That's the correct behavior. The iptables configuration isn't supposed to be saved until you say so. I googled SME server and it seems to be based on CentOS, (which is a Red Hat clone), so the way to save your iptables configuration is probably:
Code:
service iptables save
Don't take my word for it, though. Check the documentation.
That's the correct behavior. The iptables configuration isn't supposed to be saved until you say so. I googled SME server and it seems to be based on CentOS, (which is a Red Hat clone), so the way to save your iptables configuration is probably:
Code:
service iptables save
Don't take my word for it, though. Check the documentation.
I tried that but it didn't work. When I get home I will see if I can figure it out. If I can get an old 350MHz computer running I might add that specifically as a firewall, then the gateway/private server, workgroup switch, etc. From what I am reading it sounds like it may be a better idea to have the firewall and server on separate computers. Either way I will post the results, well if it works.
Below is something I had to do to make sure all the ports where stealthed before, I had about five or six showing up as opened or closed. It just didn't work with port 113.
Code:
Open Ports in Private Server/Gateway Mode
* I want to hide all ports, so I put my SMESERVER in PRIVATE SERVER/GATEWAY mode. I can still see some ports are open.
Certain services are still open on the WAN interface in PRIVATE SERVER/GATEWAY mode. Those services can be set to absolute private from the command line by:
config setprop masq Stealth yes
config setprop ftp access private
config setprop smtpd access private
config setprop dnscache access private
config setprop httpd-e-smith access private
config setprop oidentd access private
config setprop modSSL access private
config setprop ssmtpd access private
config setprop sshd access private
config setprop imaps access private
config setprop ldap access private
config setprop pop3 access private
config setprop pop3s access private
config setprop nmbd access private
config setprop smbd access private
signal-event post-upgrade
signal-event reboot
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
