Recently switched firewall from Smoothwall to IP Cop but not happy about IP Cop firewall responding to pings even though all ports closed.
However, now looking at using Monowall, so my Q is this:
In smoothwall there is a facility to drop ICMP, IGMP pings and something to do with SYN cookies.
How does one do this with Monowall?
(Yes, I have RTFM, but I don't really understand how Monowall does this.)
I usually heavily discourage people from doing any of these unless they have a specific reason for doing so. Turning these options on (or off depending on how you look at it) should only be used in response to certain attacks on your routers or firewalls. Turning them on all the time can cause all kinds of random annoying problems that you may or may not notice.
A point to think about here is if they really felt these options would be beneficial to the Internet community, why wouldn't they default to "off"? In my experience, don't bother turning them off unless you are being attacked.
I am on dial-up, which means I have a different IP address every time on the net. However, I am usually on the net for up to 4-5 hours per day.
In my snort logs on an average day I would usually be scanned by some idiot using Cyberkit or nmap - four or five times at least, so I would consider running in true stealth to be very beneficial.
Responding to pings is not my idea of stealth.
Browsing through the Security forum here at LQ, one sees a lot of people complaining of being cracked; I really don't intend to be one of them if I can avoid it. In my experience enabling these options before you are attacked is better than picking up the pieces later.
Again, I know I'm not answering the original question, but I think a little more study on why these options exist in the first place would really help further my point. "Stealth" doesn't mean a whole lot when there are 50 other ways of verifying that something exists at the other end of the line. ICMP responses are valuable to your ISP and may be required by many services you HAVE requested such as online gaming plus a hundred other things. If you provide ZERO services from your network, there is no difference between "stealth" and "closed" ports.
To try to answer the question, each of these options is easily added by typing it in at the command line. I would guess that the IPCop developers are smart enough to know when these services are valuable and when they aren't, so it's possible they set them automatically. Just a guess.
Again, I'm certainly not trying to get under your skin by my responses. Just remember that if you have issues with certain sites or services, these should be on your lists of things to remember.