| Autor |
Nachricht |
|
|
|
Titel: using dial-up is firewall/AV needed?
 Verfasst am: 12.07.2006, 16:51 Uhr
|
|
Anmeldung: 02. Jul 2006
Beiträge: 15
Wohnort: North Central Florida\USA
|
|
Hi,
Searched the forum for 'firewalls.' Read about Firestarter and Guarddog. Do I need to use one of these? Where do I get it? What about AV?
Thanks,
janice21475 |
|
|
| |
|
|
|
 |
|
|
|
Titel:
Verfasst am: 12.07.2006, 17:10 Uhr
|
|
Team Member
Anmeldung: 04. Apr 2006
Beiträge: 153
Wohnort: Melbourne, Australia
|
|
Janice ,, AV and such is to ensure your friends dont get nasties from you, coz you dont know you have them,, its all "proof of concept"
therefore
(clamav) apt-get install clamav. man clamscan, man freshclam then scan away
good idea to also get clamav-docs
try apt-cache search clam its will give you everyting thats in debian
and
Protect your machine: http://www.rootkit.nl/ now in debian,apt-get update && apt-get install rkhunter;rkhunter --update && rkhunter -c
** these are IRC# bot cmd sets |
_________________
Kanotix Easter RC4 on a dual boot P4 and a production box Desktop KDE::
Kanotix 2006 Easter RC4 on a P2 and Production Box , Desktop KDE::
Kanotix EasterRC4 on a MMX 199Mhz lappy
and a Production Box, Desktop ICEWM::
Zuletzt bearbeitet von bluewater am 12.07.2006, 17:30 Uhr, insgesamt ein Mal bearbeitet
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 12.07.2006, 17:28 Uhr
|
|
Team Member
Anmeldung: 04. Apr 2006
Beiträge: 153
Wohnort: Melbourne, Australia
|
|
Regarding Firewalls
I dont have the definitive answer for you, however the IRC# suggests
miyagi
wget http://rebelhomicide.demon.nl/scripts/mini-miyagi.sh && chmod 755 mini-miyagi.sh and apt-get remove --purge {firestarter,guarddog} . Run it with ./mini-myagi.sh
the live CD does not install the live CD firewall apparantly.. some stuffing around on your your part is eminent |
_________________
Kanotix Easter RC4 on a dual boot P4 and a production box Desktop KDE::
Kanotix 2006 Easter RC4 on a P2 and Production Box , Desktop KDE::
Kanotix EasterRC4 on a MMX 199Mhz lappy
and a Production Box, Desktop ICEWM::
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 12.07.2006, 21:45 Uhr
|
|
Team Member
Anmeldung: 17. Dez 2003
Beiträge: 1109
Wohnort: Ganymede
|
|
| A firewall is not absolutely required but I don't know of a single reason not to run a firewall. Sure it's possible to lock down a Linux box so that no ports are open but a GUI firewall is very easy to configure and requires relatively low resources. Just my .02 |
_________________
Ubuntu - An ancient African word for "Can't install Debian"
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 13.07.2006, 17:29 Uhr
|
|
Anmeldung: 20. Okt 2005
Beiträge: 278
|
|
I have firestarter installed, but when I do a shields up test, I have tons of open ports. What is wrong?
-Crust |
|
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 13.07.2006, 19:49 Uhr
|
|
Anmeldung: 07. Nov 2005
Beiträge: 112
Wohnort: Venezuela
|
|
run firestarter as root
Preferences > Firewall > ICMP Filtering
Check Enable ICMP Filtering
In Allow, I have checked:
Timestamping, Unreachable, Source Quencing
according to the users manual.
Which has lots of useful info for users. |
_________________
kanotix-2006-01, 2.6.18.5-slh-up-1, IceWM, Krusader; P4, 2.8GHz, 512MB
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 13.07.2006, 20:04 Uhr
|
|
Anmeldung: 20. Okt 2005
Beiträge: 278
|
|
I have read the manual, but perhaps I'm not understanding what I need to do.
I tried your suggestion, but I get the same result: most of the ports from 104~1056 are shown as open.
-Crust |
|
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 13.07.2006, 21:16 Uhr
|
|
Anmeldung: 07. Nov 2005
Beiträge: 112
Wohnort: Venezuela
|
|
Only thing that occurs to me, ¿are you sure you left checked the Start Firestarter now button, or did you uncheck it planning to add other policy later?
First time I installed it (when it actually worked) I had a similar problem that was cured by activating the ICMP Filtering.
Or, if you selected Reject with Packet Error instead of Drop Silently? in Advanced Options. That might cause the static from ShieldsUp.
I've found Firestarter to be easier to get running than Guarddog --I could never figure out how to get it to let me listen to music. |
_________________
kanotix-2006-01, 2.6.18.5-slh-up-1, IceWM, Krusader; P4, 2.8GHz, 512MB
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 14.07.2006, 01:44 Uhr
|
|
Anmeldung: 20. Okt 2005
Beiträge: 278
|
|
I did check the start firestarter button. ICMP filtering does not seem to chang anything with regards to opening an closing ports. I have drop silently checked.
I have completely removed and reinstalled firestarter with the same results.
When I turn the firewall off, I get most ports closed with some stealthed and only one open port (for printing).
When I turn it back on, I get most of the ports from 104-1056 as open.
I just uninstalled firestarter because it doesn't seem to work for me.
Please let me know if you know of a way to get it to work properly for me.
Thanks.
-Crust |
|
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 14.07.2006, 01:58 Uhr
|
|
Anmeldung: 07. Nov 2005
Beiträge: 112
Wohnort: Venezuela
|
|
I found out the hard way that Firestarter needs to be run and configured as root. Once setup, Save the setup when asked and then exit. The firewall is active from boot, though you don't see messages like with ZoneAlarm, etal. I had problems because I was running it in the startup group and causing problems for myself.
Run it as < kdesu firestarter > if you want to see some of the messages; but it's easier to just look for the logs.
I printed out the manual and read over it, then tried again. It is simple but I was trying too hard.
The Guarddog worked very well, except I could not find what I needed to turn on to listen to live365 streaming music. If that isn't a requirement for you, it might work. However, be warned, that guarddog blocks everything by default --nothing out, nothing in. |
_________________
kanotix-2006-01, 2.6.18.5-slh-up-1, IceWM, Krusader; P4, 2.8GHz, 512MB
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 14.07.2006, 05:43 Uhr
|
|
Anmeldung: 20. Okt 2005
Beiträge: 278
|
|
When you run firestarter as a user, it asks for the root password so that it can be run as root. Do I need to run it as root using the kdesu command?
I'll try it first thing tomorrow.
Thanks.
-Crust |
|
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 14.07.2006, 20:15 Uhr
|
|
Anmeldung: 07. Nov 2005
Beiträge: 112
Wohnort: Venezuela
|
|
That's what I have to do.
Everytime I try to run it as user, it says,
"You don't have enough privileges. Run this as root."
So I just do what it told me to do. I read that also, in the manual I think, that one could run as user and see the events; but that capability must have been changed in these later versions.
regards. |
_________________
kanotix-2006-01, 2.6.18.5-slh-up-1, IceWM, Krusader; P4, 2.8GHz, 512MB
|
| |
|
|
|
|
|
|
|
Titel:
Verfasst am: 14.07.2006, 22:57 Uhr
|
|
Anmeldung: 20. Okt 2005
Beiträge: 278
|
|
I tried what you said. It didn't work. I get open ports after installing firestarter. Most ports are closed before installing firestarter.
Thanks for the help, though. I really appreciate it.
-Crust |
|
|
| |
|
|
|
|
|
|
