kristi Posted May 5, 2005 Report Share Posted May 5, 2005 (edited) ...or you could always just have someone nmap you, a little more comprehensive and less tainted with Steve Gibson Marketing Exclamation Marks!!!!!!!!!!! <{POST_SNAPBACK}> God I thought this topic was dead and gone! I've been using guarddog and MMC stardard security (MDV 2006 cooker current) I can fairly easily see what's being bounced by looking at /var/log/kernel/error (I have guarddog dump the stuff in error - less trash than in warning) Yeah, I always use GRC and ignore all the ads. I did like it when I had DSL cause the westel 2200 modem had a nice little firewall in it that was easily adjustable - that was back in the days when I was using Tiny Pers FW which changed to Kerio about the time I was really realizing I really wanted to get the hell away from windows and netbios and ntp and all that fine stuffs. I suppose I could get a router to put in series with my Comcast surfboard 5120. The "random pings" have died down a lot since I went to Linux. but occasionally I notice a rash from everything else on the Comcast node - newbies testing everything local looking for a sucker! The "distant" netbios pings dies out very quickly when I'm off windows. Anyway, Guarddog has been good to me (I also think firestarter is fine), but Azureus just went to v3 and in doing so I think they changed their "desires" from tcp 6881 to tcp&UDP 6881-6889 I run Azureus when I can - upload the i586 2005LE DVD and I'm still getting a lot of demand for it (40 after 5 minutes), so either more folks are trying MDV (yay!) or more folks are shifting to DVD format - either way, I've found the DVD format a huge blessing when installing and when updating - just one platter to feed to my machine and that's it! But I will pursue with Azureus and Simon (guarddog author)about Azureus' v3 changes on port needs. BUT - what I wanted to ask Adam was if he knew of anything better than GRC? Peas. Kristi Edited May 5, 2005 by kristi Quote Link to comment Share on other sites More sharing options...
solarian Posted May 8, 2005 Report Share Posted May 8, 2005 Is there anythin wrong with the standart Shorewall? I pretty much know all the ports that have to be allowed, so minimal interface is not really a problem for me. Is there anything that Guarddog does better in security? Quote Link to comment Share on other sites More sharing options...
kristi Posted May 8, 2005 Report Share Posted May 8, 2005 Is there anythin wrong with the standart Shorewall?I pretty much know all the ports that have to be allowed, so minimal interface is not really a problem for me. Is there anything that Guarddog does better in security? <{POST_SNAPBACK}> I don't know shorewall, though I tried to learn it a bit. Guard just seemed easier to me at the time so I went with it. Probably neither one is "best" but I'd like to hear from other folks who know shorewall :D Kristi Quote Link to comment Share on other sites More sharing options...
phunni Posted May 8, 2005 Report Share Posted May 8, 2005 HAHAHAHAHAUnable to connect with NetBIOS to your computer.All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet. suckers! tested my pc through shields-up with all their tests (not just the Windows specific one :D) all is stealthed apart from one port that reports as closed* Running Shorewall (that came with mdk) with some ports open for file sharing, everything else is on lockdown. * 113 IDENT Closed Your computer has responded that this port exists but is currently closed to connections. <{POST_SNAPBACK}> How'd you do that and what are the implications of having things locked down that tight? Quote Link to comment Share on other sites More sharing options...
solarian Posted May 8, 2005 Report Share Posted May 8, 2005 I didn't do anything special. Just installed Mandrake integrated Shorewall then went to MCC -> Security -> Firewall ticked off everything and manually entered the ports I want to have access to net. If you want you can disable http, ftp and other protocols, default allowed ports through /etc/shorewall/rules Anyways, whenever I install a program that needs to access the net, I just look up what ports it uses and open them. Have a few such programs. The implications? None that I know of apart that you need to know which ports to allow. p.s. Somebody please tell about Shorewall vs Guarddog from security point of view, skip the interface. Quote Link to comment Share on other sites More sharing options...
kristi Posted May 8, 2005 Report Share Posted May 8, 2005 (edited) How'd you do that and what are the implications of having things locked down that tight? afaik, ports are a ) "open" - they (your computer) will acknowledge a ping and ask what you would like to send it. Bad unless you are using that port and know that only what you want is getting through. b ) "closed" they will acknowledge a ping but not receive data. This tells a hacker that there is a computer there, and that that port will respond (if negatively). Depending on the port, and the response, the hacker may persist with different commands/data, and try to get an opening. c ) "stealth" your computer receives the other computer's ping but does nothing. The other computer does not know if there is a computer/port there or not and will probably go waste time elsewhere. Kristi EDIT - ports are by default closed or open. A firewall is what sets up the rules in the Linux IPtableV4, and determines what is closed or stealthed. Edited May 8, 2005 by kristi Quote Link to comment Share on other sites More sharing options...
phunni Posted May 9, 2005 Report Share Posted May 9, 2005 All my ports are already stealthed - I just want to be told that my computer is VERY SECURE :D Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.