largegroh Posted May 23, 2005 Report Share Posted May 23, 2005 (edited) can someone suggest one that has some good install directions? or any other suggestions for that matter. [moved from Software by spinynorman] Edited May 24, 2005 by largegroh Quote Link to comment Share on other sites More sharing options...
daniewicz Posted May 24, 2005 Report Share Posted May 24, 2005 GuardDog is a decent firewall (actually, it is a GUI to the linux built-in firewall). It is not on the Mandrivia CD's. A quick google will locate a Mandrivia RPM. Quote Link to comment Share on other sites More sharing options...
largegroh Posted May 24, 2005 Author Report Share Posted May 24, 2005 cool. i have dl'd guarddog-2.4.0-2mdk.src.rpm and guarddog-2.4.0-2mdk.i586.rpm as they were both offered on site. I do not know which to use (or both??) or the steps required to install it/them. If you would be willing to give me the steps i probably/ may be able to follow them. Quote Link to comment Share on other sites More sharing options...
devries Posted May 24, 2005 Report Share Posted May 24, 2005 The src.rpm is a source rpm (meaning you have to compile the software). Use the rpm. But why not use the Mandrake Control Center to configure the firewall. What are you trying to do? Quote Link to comment Share on other sites More sharing options...
kristi Posted May 24, 2005 Report Share Posted May 24, 2005 Huge caveat hehe - get your guardwall from Simon's site, NOT from easyurpmi - same numbers but they are different. Quote Link to comment Share on other sites More sharing options...
daniewicz Posted May 24, 2005 Report Share Posted May 24, 2005 largegroh: Just click on the rpm file to install. But why not use the Mandrake Control Center to configure the firewall. GuardDog gives a nice GUI. Quote Link to comment Share on other sites More sharing options...
largegroh Posted May 24, 2005 Author Report Share Posted May 24, 2005 did not know mandrake had a firewall built in. how do i get to it and how do i configure it. sigh. being a newb again is not fun. Quote Link to comment Share on other sites More sharing options...
kristi Posted May 24, 2005 Report Share Posted May 24, 2005 (edited) did not know mandrake had a firewall built in. how do i get to it and how do i configure it. sigh. being a newb again is not fun. <{POST_SNAPBACK}> SUGGESTION: put a few pillows between your head and that wall... hey! giggle at it!!!!!!! it's only a computer!!!!! MCC: menu, system, configuration, configure your computer options (at top) click expert mode. Click security. I think that will give you what you want but if not, ask again - this is a bit of a learning for me to as I only discovered that a month ago and in never use it - I run standard and use guarddog. But it's on my "to-do" list! Kristi Edited May 24, 2005 by kristi Quote Link to comment Share on other sites More sharing options...
largegroh Posted May 24, 2005 Author Report Share Posted May 24, 2005 ok.. i guess it is already set. says basic set to standard and the other options are at default. i am assumming that default is good. so if i am correct the firewall part is good. virus protection is not needed, true or false? if false, use f-prot or something better? note: when u get tired of lmy questions just tell me to ease up for a bit. lol Quote Link to comment Share on other sites More sharing options...
kristi Posted May 25, 2005 Report Share Posted May 25, 2005 ok.. i guess it is already set. says basic set to standard and the other options are at default. i am assumming that default is good. so if i am correct the firewall part is good. virus protection is not needed, true or false? if false, use f-prot or something better? note: when u get tired of lmy questions just tell me to ease up for a bit. lol <{POST_SNAPBACK}> Well, let's see - looking at mine, I security level and periodic security audit 1 )Basic tab (I just now discovered there are more than one tab)(hey! follow me! I'll lead you astray!!!! ) "standard", checked, my user name 2 ) Network options (all default) 3 ) System options (all default) 4 ) Periodic options (all default) II Fine tune security permissions of the system I believe this is where I get to ask: have you read file:///usr/share/doc/mandrake/en/Drakxtools-Guide/Drakxtools-Guide.html/mcc-security.html and committed it to memory or at lease "committed' it? heehee that is the help for the MCC security system - damn, these Mandrivans are amazing!!! Okay now that I have clearly shown myself to be ignorant of this system, let us hope that someone more knowledgeable will jump in. a) I have turned on notification [in the first box " "standard", checked, my user name" ] so I can find out what, if anything, this thing is blocking. I recommend you do, too. B) to find out if you are protected from the internet, I recommend going to GRC and running common https://www.grc.com/x/ne.dll?bh0bkyd2 click proceed, click continue once or twice, click common ports. You want it to come back as stealth. Mine does because I have guarddog blocking everything from outside probing. If I shut guarddog off, and run "common ports" again, a lot of my machine can be seen. In MCC Security "set up a personal firewall", uncheck "everything(no firewall), click OK, again click OK, [you will get a notification that shorewall needs to be installed, say yes] (it will inatll it). Then try GRC common ports and on my machine, all were stealthed except 113 ident. Changing security level from standard all the way up to Paranoid seems to make no difference - port 113 is still seen by the outside world. Looking closely at "set up personal firewall" advanced tab, you will see a suggestion to look at /etc/services file for info - right click on it, select Action, select print. (about 5 pages) In short, I only see ways to allow access, not to shut off 113 (apparently everything else is shut off automatically. So I will stick with guarddog. As to viruses: - I do not at the moment do anything. When I first played with 10.1 I installed klamav which is a gui controlled clamav a/v checked - hot stuff. I was very impressed with Mandrake (name at the time) that it's urpmi would load it (I had been trying forever to get Xandros to load it... LOL So I would really like some guru to come in here and tell me why shorewall won't block 113. The rest of setting up shorewall/MCC firewall would be easy as long as you KNOW THE PORTS YOU WANT TO ALLOW IN. peas Kristi Quote Link to comment Share on other sites More sharing options...
aioshin Posted May 25, 2005 Report Share Posted May 25, 2005 here's the script that I used as firewall, i put it as a file rc.firewall under /etc/rc.d/, or the file itself, /etc/rc.d/rc.firewall then #chmod +x /etc/rc.d/rc.firewall to make it executable then edit the /etc/rc.d/rc.local and put a line at the bottom of rc.local something like this "/etc/rc.d/rc.firewall" w/o quote so it will run at startup. I did'nt use shorewall, or guardog to manage the iptables, just that script, and actually, I just find that on a certain ebook, forgot the title, but grc finds my desktop as stealth... #!/bin/sh #flush existing rules iptables -F #note eth0 - connected to internet , eth1 - connected to LAN #This allows all data that has been sent out for the computer running the #Firewall to comeback #(for all of ICMP/TCP/UDP). #For example, if a ping request is made it will allow the reply back iptables -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth0 -p icmp iptables -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth0 -p tcp iptables -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth0 -p udp iptables -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth1 -p icmp iptables -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth1 -p tcp iptables -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth1 -p udp #Accepting all connection From LAN , if you trust you LAN iptables -A INPUT -i eth1 -s 172.16.0.0/24 -j ACCEPT # Anti spoofing iptables -A FORWARD -s 172.16.0.0/24 -i eth0 -j DROP iptables -A INPUT -s 172.16.0.0/24 -i eth0 -j DROP iptables -A INPUT -i eth0 -s 172.16.0.0/16 -j DROP iptables -A INPUT -i eth0 -s 10.0.0.0/8 -j DROP #IP add of eth1 iptables -A INPUT -i eth1 -s 2xx.7x.1xx.xxx -j DROP #ICMP iptables -A INPUT -i eth1 -p icmp -j ACCEPT iptables -A INPUT -i eth0 -p icmp -j REJECT #the logging is set so if more than 5 packets are dropped in #Three seconds they will be ignored. This helps to prevent a DOS attack #Crashing the computer the firewall is running on iptables -A INPUT -m limit --limit 3/second --limit-burst 5 -i ! lo -j LOG #dropping everything iptables -A INPUT -i ! lo -j DROP GRC Port Authority Report created on UTC: 2005-05-25 at 04:04:54 Results from scan of ports: 0-1055 0 Ports Open 0 Ports Closed 1056 Ports Stealth --------------------- 1056 Ports Tested ALL PORTS tested were found to be: STEALTH. TruStealth: PASSED - ALL tested ports were STEALTH, - NO unsolicited packets were received, - NO Ping reply (ICMP Echo) was received. Quote Link to comment Share on other sites More sharing options...
largegroh Posted May 25, 2005 Author Report Share Posted May 25, 2005 ok, I did all that kristi suggested. shorewall starts up, at least according to interactive list of stuff on boot. running check of file sharing gives me all stealth. running common ports gives me failure. i have installed guarddog, trying to install again says it is already installed, but no protection apparently. I can find no where to check if it is actually running. am i missing something here? do I have to turn it on somewhere? if so, where? thx for continuing to deal with all my questions. i am getting better, just slowly. Quote Link to comment Share on other sites More sharing options...
daniewicz Posted May 25, 2005 Report Share Posted May 25, 2005 Have a look in var/log/messages to see if the firewall is functioning. Firewall activity will be logged here. Quote Link to comment Share on other sites More sharing options...
largegroh Posted May 25, 2005 Author Report Share Posted May 25, 2005 (edited) ok, here is the /var/log/messages after bootup May 22 04:02:00 localhost syslogd 1.4.1: restart. May 22 04:02:46 localhost : May 22 04:02:46 localhost : Security Warning: World Writable files found : May 22 04:02:46 localhost : - /NVIDIA-Linux-x86-2.0-7174-pkg1.run May 22 04:02:46 localhost : - /tmp/.ICE-unix May 22 04:02:46 localhost : - /tmp/.X11-unix May 22 04:02:46 localhost : - /tmp/.X11-unix/X0 May 22 04:02:46 localhost : - /tmp/.font-unix May 22 04:02:46 localhost : - /tmp/.font-unix/fs-1 May 22 04:02:46 localhost : - /var/run/dbus/system_dbus_socket May 22 04:02:46 localhost : - /var/run/sdp May 22 04:02:46 localhost : - /var/run/xdmctl/dmctl-:0/socket May 22 04:02:46 localhost : - /var/run/xdmctl/dmctl/socket May 22 04:02:46 localhost : - /var/spool/postfix/dev/log May 22 04:02:46 localhost : - /var/spool/postfix/private/anvil May 22 04:02:46 localhost : - /var/spool/postfix/private/bounce May 22 04:02:46 localhost : - /var/spool/postfix/private/cyrus May 22 04:02:46 localhost : - /var/spool/postfix/private/cyrus-chroot May 22 04:02:46 localhost : - /var/spool/postfix/private/cyrus-deliver May 22 04:02:46 localhost : - /var/spool/postfix/private/cyrus-inet May 22 04:02:46 localhost : - /var/spool/postfix/private/defer May 22 04:02:46 localhost : - /var/spool/postfix/private/error May 22 04:02:46 localhost : - /var/spool/postfix/private/lmtp May 22 04:02:46 localhost : - /var/spool/postfix/private/lmtp-filter May 22 04:02:46 localhost : - /var/spool/postfix/private/local May 22 04:02:46 localhost : - /var/spool/postfix/private/maildrop May 22 04:02:46 localhost : - /var/spool/postfix/private/proxymap May 22 04:02:46 localhost : - /var/spool/postfix/private/relay May 22 04:02:46 localhost : - /var/spool/postfix/private/rewrite May 22 04:02:46 localhost : - /var/spool/postfix/private/smtp May 22 04:02:46 localhost : - /var/spool/postfix/private/smtp-filter May 22 04:02:46 localhost : - /var/spool/postfix/private/tlsmgr May 22 04:02:46 localhost : - /var/spool/postfix/private/trace May 22 04:02:46 localhost : - /var/spool/postfix/private/uucp May 22 04:02:46 localhost : - /var/spool/postfix/private/verify "messages" 9112L, 970225C i am not sure what i am looking for but see no mention of shorewall. it did load on boot though.. or so it said. i must be not doing something. still no sigh of guarddog even though it says it is installed. actually i can't find any sign of shorewall or guarddog in mcc although it is very possible i am not looking in right place. looking at mcc-secutity-personal firewall edit; ok found shorewall under system services (running) no guarddog yet though. Edited May 25, 2005 by largegroh Quote Link to comment Share on other sites More sharing options...
solarian Posted May 25, 2005 Report Share Posted May 25, 2005 mcc-secutity-personal firewall is shorewall Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.