New2MDK Posted February 10, 2005

After having read the FAQs (security section), I'm still unclear on something. It described guarddog as being more of a firewall for newbies who don't understand the configuration of firewalls too well. So for me it sounds like a good thing. However, I'm confused: does it work in conjunction with my default firewall, or does that need to be uninstalled? If so, could you please give me direction on how to do that? Thank you all very much,

daniewicz Posted February 10, 2005

Guarddog is a GUI for the (default) linux iptables firewall.

heather1113 Posted February 10, 2005

I use Guarddog and love it, it's very easy to use and requires no monitoring. I'm not sure what firewall you are using now so I don't know if you will need to uninstall it, but this just works as a graphical frontend for iptables. So all you do is download the rpm from here http://www.simonzone.com/software/guarddog/#download, install the rpm and then start Guarddog up as root (I usually just open up konsole and su to launch things as root) to configure. By default it blocks everything, so just go through and allow only what you need, hit apply, OK and close. I don't want to insult you by giving you too much info so just post back if you have more questions. I'm happy to help.

Edited February 10, 2005 by heather1113

New2MDK Posted February 11, 2005

Heather, thank you for the reply and help. I downloaded guarddog through the same link. Then through the link for the RPM repository I did this as root:

    urpmi.addmedia simonzone http://www.simonzone.com/software/mdkrpm/ with hdlist.cz

Then I installed the package using rpmdrake within Mandrake 10.1. I ran guarddog as root and got the following:

    [root@gian]# guarddog
    Link points to "/tmp/ksocket-root"
    QPixmap: Cannot create a QPixmap when no GUI is being used
    QPixmap: Cannot create a QPixmap when no GUI is being used
    Link points to "/tmp/kde-root"
    QPixmap: Cannot create a QPixmap when no GUI is being used
    QPixmap: Cannot create a QPixmap when no GUI is being used
    kbuildsycoca running...
    Reusing existing ksycoca
    Launched ok, pid = 6406
    ALSA lib pcm_hw.c:549:(snd_pcm_hw_start) SNDRV_PCM_IOCTL_START failed: Broken pipe
    ALSA lib pcm_hw.c:549:(snd_pcm_hw_start) SNDRV_PCM_IOCTL_START failed: Broken pipe
    ALSA lib pcm_hw.c:549:(snd_pcm_hw_start) SNDRV_PCM_IOCTL_START failed: Broken pipe

FOLLOWED BY:

    Guarddog was unable to read the file at /etc/rc.firewall as being a Guarddog firewall. This probably means that this file in not actually a Guarddog firewall. This is not a problem, but please note that if you exit Guarddog via the 'Ok' button this file will be overwritten. If you do not want this to happen, then after closing this message, immediately quit Guarddog using the 'Cancel' button. Also please be aware that the firewall settings shown may not represent the system's current firewalling configuration. (Detailed message "Error reading firewall file. This does not appear to be a Guarddog firewall file.")

which came up in a different dialog box. Those messages are what prompted me to ask whether or not I needed to uninstall my default firewall first, which I believe is called "shorewall" I think? Any help you could give will certainly be appreciated.

Thank you

daniewicz Posted February 11, 2005

> Guarddog was unable to read the file at /etc/rc.firewall as being a Guarddog firewall. This probably means that this file in not actually a Guarddog firewall. This is not a problem, but please note that if you exit Guarddog via the 'Ok' button this file will be overwritten.

If I recall my Guarddog installation correctly, selecting OK and overwriting the original file was what I did with no ill effects. You have no firewall installed other than iptables, and Guarddog is an iptables front end.

Edited February 11, 2005 by daniewicz

heather1113 Posted February 11, 2005

Yes, that message is perfectly normal. Now as far as setting it up, the internet zone will be highlighted and that's what I configure. Click on the protocol tab and place a check (by clicking in the box) on everything you want allowed. I allow nothing under Chat, nothing under Data Serve, under File Transfer I allow FTP, HTTP, and HTTPS. Then nothing until I get to Mail where I allow POP3 and SMTP... by now you're getting the hang of it I'm sure... then I allow DNS which is under Network. So that's just me; you'll have to go through and see what programs you use that need the internet that I don't (file sharing perhaps). Then that's it. Post back if you have any other problems. Oh, I should tell you I have to launch Guarddog every time I boot the computer. I'm sure there's a reason and I could fix it but I don't. You probably won't have that problem but just in case.

Edited February 11, 2005 by heather1113

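Added example, not part of the thread and not Guarddog's generated /etc/rc.firewall: a hand-written iptables rule set with the same shape as the selections in the post above (block everything, then allow FTP, HTTP, HTTPS, POP3, SMTP and DNS). It assumes the ticked protocols are Internet services this machine connects out to, and a single workstation with no separate local zone; the function and variable names are made up for the example.

```shell
#!/bin/sh
# Added example: default-deny policy plus the protocols ticked in the post.
# Assumption: these are outbound client connections from one workstation.

# name:protocol:port for each allowed service (DNS needs both UDP and TCP)
ALLOWED="ftp:tcp:21 http:tcp:80 https:tcp:443 pop3:tcp:110 smtp:tcp:25 dns:udp:53 dns:tcp:53"

# Print the iptables commands instead of running them, so the rule set can
# be read and reviewed before anything touches the live firewall.
build_rules() {
    # "By default it blocks everything": drop in every direction
    echo "iptables -P INPUT DROP"
    echo "iptables -P OUTPUT DROP"
    echo "iptables -P FORWARD DROP"

    # Local programs talk to each other over loopback
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A OUTPUT -o lo -j ACCEPT"

    # Let replies to our own connections back in. RELATED covers the FTP
    # data channel when the FTP connection-tracking helper is loaded.
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"

    # One rule per allowed service: only NEW outbound connections to that port
    for entry in $ALLOWED; do
        name=${entry%%:*}
        rest=${entry#*:}
        proto=${rest%%:*}
        port=${rest#*:}
        echo "iptables -A OUTPUT -p $proto --dport $port -m state --state NEW -j ACCEPT  # $name"
    done
}

build_rules
```

Nothing is accepted as a NEW inbound connection, which is what a port scan from outside should confirm.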
Steve Scrimpshire Posted February 11, 2005

For what it's worth, guarddog is also in contrib on the official mdk mirrors.

    guarddog-2.2.0-2mdk.i586.rpm

So, I guess if you want the latest and greatest guarddog, you can add that site's media to urpmi as suggested above. Thanks for adding the tip about adding it to your urpmi sources, New2MDK

New2MDK Posted February 11, 2005

Thanks everyone for helping me understand, and thank you heather for giving me the pointers. I have it up, just configuring it now. Thank you everyone :D

New2MDK

New2MDK Posted February 11, 2005

> Yes, that message is perfectly normal. Now as far as setting it up, the internet zone will be highlighted and that's what I configure. Click on the protocol tab and place a check (by clicking in the box) on everything you want allowed. I allow nothing under Chat, nothing under Data Serve, under File Transfer I allow FTP, HTTP, and HTTPS. Then nothing until I get to Mail where I allow POP3 and SMTP... by now you're getting the hang of it I'm sure... then I allow DNS which is under Network. So that's just me; you'll have to go through and see what programs you use that need the internet that I don't (file sharing perhaps). Then that's it. Post back if you have any other problems. Oh, I should tell you I have to launch Guarddog every time I boot the computer. I'm sure there's a reason and I could fix it but I don't. You probably won't have that problem but just in case.

Sorry for being a complete nuisance, however, is the protocol tab the only thing I need to specify in? What about ZONE internet & local, PROTOCOL local and the ADVANCED tab? Again I apologize for my ignorance. I'm trying to read up on as much as I can so I don't have to rely so much. But then again, that's why they call them newbies. Thanks again,

Gianluca aka New2MDK

heather1113 Posted February 11, 2005

> Sorry for being a complete nuisance, however, is the protocol tab the only thing I need to specify in? What about ZONE internet & local, PROTOCOL local and the ADVANCED tab? Again I apologize for my ignorance. I'm trying to read up on as much as I can so I don't have to rely so much. But then again, that's why they call them newbies. Thanks again, Gianluca aka New2MDK

You're not a nuisance, I am just so glad I could help someone. Now for your question, I would look around. What I did was click around on the different tabs just to learn it, but you can generally keep with the defaults. Also, to make sure I didn't lead you astray, you should go to one of the sites that scan your ports to see how good your firewall protection is, if you haven't already. This one is my favorite, http://www.grc.com/default.htm, and it's called Shields Up.

New2MDK Posted February 11, 2005

Heather, this is some real sadness on my part. I continued disabling services I don't need, after I wrote you back. Apparently, I stopped an incorrect service, because now I can't get in. During boot it asks me to press Y to check and fix something in root. Then it takes me to the login prompt, and as it's booting in, it stops at loading services. Please help :D I didn't even do your last suggestion, because I can't. I had to come back to the miserable side of M$ XP. I await any help. Thank you,

New2MDK

heather1113 Posted February 11, 2005

Working with what internet services to allow in Guarddog shouldn't have caused that problem, and perhaps I'm wrong, but I'm not sure that they are related. You were only working in Guarddog, right, not the Mandrake Control Center? I'm sorry but I'm not sure I'll be able to help you with that part, but I'm sure someone else will pretty quickly. This board is amazing for knowledgeable people. As a side note, right now you are probably feeling in over your head, but Linux only seems like that at first. Soon it becomes very fun and a bit addictive and you'll learn really fast. That may seem like an odd thing to say but I wish someone had told me that at first when I was learning and having problems.

Steve Scrimpshire Posted February 11, 2005

Boot with CD1 and hit F1 at the prompt. Type 'rescue' without the quotes. Click 'Mount your partitions under /mnt'. Click 'Go to console'. Type:

    # work inside the installed system mounted by the rescue CD
    chroot /mnt
    cd /etc/init.d
    # turn every init script back on
    for name in *
    do
        chkconfig "$name" on
    done

You'll get some errors, but everything should be cool after a reboot. Then if you're gonna try to turn services off, do one at a time in between reboots.

New2MDK Posted February 12, 2005

I'd like to thank everyone who helped me get back to the right point. Thank you,

New2MDK

daniewicz Posted February 12, 2005

> Then if you're gonna try to turn services off, do one at a time in between reboots.

good advice

Here is a brief description of some of the services that I found somewhere on the web:

anacron: Related to the 'cron'-daemon. 'cron' runs tasks like system maintenance at certain times, but skips them if the system isn't running at that time. That's where 'anacron' comes in: it checks delayed 'cron'-tasks at boot-time and executes them. If your machine doesn't run all the time, you should leave it enabled. Optional. Doc: man anacron

apmd: The Advanced Power Management BIOS Daemon. Only needed if your computer runs on battery. Optional. Doc: man apmd

arpwatch: Keeps track of ethernet/ip address pairings. Usually not enabled. Optional. Doc: man arpsnmp

atd: The "At Daemon". Manages scheduled jobs. Related to crond. Essential. Doc: man atd, man at

autofs: Controls the automount daemon (note: this has nothing to do with 'supermount'). Usually not enabled. You might need it if you want to mount network-shares automatically. Optional. Doc: man autofs, man automount

bootparamd: Used to provide boot-information to diskless clients. You probably don't need this vulnerable service. Usually not enabled. Optional. Doc: man bootparamd

crond: The Cron Daemon. Manages repeated tasks. Related to atd. Essential. Doc: man crond, man cron

gpm: General Purpose Mouse Daemon. Necessary only if you want to use your mouse on the console (not xterms). If you only work within X it's better to turn it off, incompatibilities with X are a known issue. Optional. Doc: man gpm

httpd: The daemon necessary to run the Apache web-server. If you do not intend to run a web-server, turn it off: it uses a considerable amount of system resources and makes your box vulnerable to outside attacks if not configured properly. Optional. Doc: man httpd

inet(d): This handles dial-in services like ftp, pop3 and telnet (these three are enabled by default). If you only dial-out turn it off! In its default setting it essentially invites anyone who knows your IP to launch an attack at your box. If you want to use it however, have a look at '/etc/inetd.conf', '/etc/hosts.allow', '/etc/hosts.deny' and install the tcp-wrappers.rpm. Optional. Doc: man inetd, man hosts_access and man tcpd

keytable: Loads the selected keyboard map as set in '/etc/sysconfig/keyboard'. Usually enabled. Essential for users with non-US keyboards. Doc: man loadkeys

kudzu: Detects and configures new or changed hardware during boot. If you turn it off your box will boot faster. You can then run it from within the system. Usually enabled. Optional. Doc: man kudzu

linuxconf: This is not needed to run LinuxConf. This service is used to configure a linux box remotely with a browser. Most linux users will probably never use this. If not needed, it's safe to turn this off. Usually enabled. Optional. Doc: '/usr/lib/linuxconf/help'

lpd: The "Line Printer Spooler Daemon". Needed for printing. Usually enabled. Optional. Doc: man lpd

netfs: Network Filesystem Mounter. Generic service. Needed for mounting NFS, SMB and NCP shares on boot. Usually enabled. Optional. Doc: man mount

network: Activates all network interfaces at boot time by calling the scripts in '/etc/sysconfig/network-scripts'. Usually enabled. Essential. Doc: man ifconfig and the appropriate documentation for the initiated interfaces

nfslock: Starts and stops the NFS file locking service. If you have no idea what this means, you can turn it off. Usually enabled. Optional. Doc: man nfs

numlock: Locks NumLock key at init runlevel change. Usually enabled. Optional. No docs.

pcmcia: For laptop users only. Optional. Read the script.

portmap: Needed for Remote Procedure Calls. Portmap can be a huge security risk if not properly configured. It should only be needed for NFS or NIS services, if you don't use these then turn it off. Usually enabled. Optional. Doc: man portmap

postfix: This is the "Mail Transport Agent", something like sendmail. If you use Netscape Mail, KMail you can turn it off. Usually enabled. Optional. Doc: man postfix, '/usr/doc/postfix-[version]/html/index.html'

random: Random Number Generating Daemon. Needed for security. Essential. Doc: man 4 random

routed: Network Routing Daemon. Don't use this unless you really need it and don't use this if you have a dial-up connection. Optional. Doc: man routed

rstatd: The kernel statistics server (advanced networking stuff). Usually not enabled. Optional. Doc: man rpc.rstatd

rusersd, rwalld, rwhod: Provide several services useful when running a server. Usually not enabled. Optional. Doc: man-pages

smb: Needed for running SAMBA, the "Server Message Block Protocol Server". It allows you to provide network services to Windows clients and access shares on those machines from your GNU/Linux box. Usually not enabled. Optional. Doc: man samba, MUO pages on configuring SAMBA

syslog: System Message Logger. Essential. Doc: man sysklogd

usb: Daemon for devices on the Universal Serial Bus. If you don't use such devices, you can turn it off. Usually enabled. Optional. For more check the files in /usr/src/linux/drivers/usb (you'll need the kernel-sources.rpm for this)

xfs: X Font Server. If you don't load this then you'll have to manually set the font paths in '/etc/X11/XF86Config' and use an external TrueType font server like xfstt. Usually enabled. Essential for X users. Doc: man xfs

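Added example, not part of the thread: a small audit that reads `chkconfig --list` output and applies the list above, flagging services it describes as a vulnerability or security risk that are switched on, and services it marks Essential that are switched off. The function names, the two name lists as grouped here, and the sample input are constructed for the example.

```shell
#!/bin/sh
# Added example: check `chkconfig --list` output against the list above.

# Described in the list as vulnerable or a security risk when not needed
RISKY="bootparamd httpd inet inetd portmap"
# Marked "Essential" in the list without a condition
ESSENTIAL="atd crond network random syslog"

# audit RUNLEVEL  (chkconfig --list output on stdin)
# Prints "review NAME" for a risky service that is on at RUNLEVEL and
# "missing NAME" for an essential service that is off at RUNLEVEL.
audit() {
    awk -v lvl="$1" -v risky="$RISKY" -v ess="$ESSENTIAL" '
    BEGIN {
        n = split(risky, r, " "); for (i = 1; i <= n; i++) R[r[i]] = 1
        m = split(ess, e, " ");   for (i = 1; i <= m; i++) E[e[i]] = 1
    }
    NF != 8 { next }   # keep only "name 0:x 1:x ... 6:x" lines
    {
        on = 0
        for (i = 2; i <= NF; i++) if ($i == (lvl ":on")) on = 1
        if (on && ($1 in R))  print "review " $1
        if (!on && ($1 in E)) print "missing " $1
    }'
}

# Constructed sample input, not taken from the poster's machine
sample() {
    cat <<'EOF'
atd      0:off 1:off 2:off 3:on  4:on  5:on  6:off
crond    0:off 1:off 2:on  3:on  4:on  5:on  6:off
gpm      0:off 1:off 2:on  3:on  4:on  5:on  6:off
httpd    0:off 1:off 2:off 3:on  4:on  5:on  6:off
network  0:off 1:off 2:off 3:off 4:off 5:off 6:off
portmap  0:off 1:off 2:off 3:on  4:on  5:on  6:off
random   0:off 1:off 2:on  3:on  4:on  5:on  6:off
syslog   0:off 1:off 2:on  3:on  4:on  5:on  6:off
EOF
}

sample | audit 5
```

On a real system, run `chkconfig --list | audit 5` before and after each single change, so a service switched off by mistake shows up as "missing" before the next reboot.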