Firewall Wizards: RE: Dumb newbie question

RE: Dumb newbie question

From: R. DuFresne <dufresne_at_sysinfo.com>
Date: Thu, 12 Aug 2004 15:49:11 -0400 (EDT)

Howdy Rip et al.,

I disagree. I think getting to know the iptables commands as well as all
the addon modules that are likely built into the kernel on this Debian
system is important, from the command-line perspective rather than with a
sweet GUI hiding the ugly from the user. The netfilter site has a number
of highly documented rulesets one can use as a guide when building their
own rules. Reading through these and paying close attention to the
authors' documentation for the rules given there are going to give one a
much better understanding of what is going on with the choices one wishes
to make. It's also going to aid one in trying to find out what is
breaking their connectivity, and fixing those issues, as well as aid one
in adapting to current needs as they arise if one has a decent
understanding of the internals of iptables/netfilter.

Thanks,

Ron DuFresne

On Mon, 9 Aug 2004, Loomis, Rip wrote:

> I saw several other responses, but I think that they were
> all missing some critical points.
>
> > I'm just getting into [Debian] Linux and iptables - a definite
> > newbie! [...] My question is, where is the rule script stored?
> > I want to start trying my own rules but I don't know where the
> > file is to modify.
>
> You've self-assessed as a newbie, but you want to start "trying
> your own rules". Rather than starting by doing iptables rules
> directly, I'd recommend that you look at installing a package
> that will allow you to specify rules using a syntax that's easier
> to comprehend--I've had good results with the "shorewall"
> package, but there are other good ones out there.
>
> If you're really interested in security, then installing such
> a package (combined with R its FM) will make it easier to construct
> a rule set that makes sense. In my experience, teaching myself
> a packet filter by grabbing random rules off webpages and
> trying to make soup out of them can have...interesting...results.
>
> YMMV, of course--but based on your self-assessment I wouldn't
> recommend just mucking with iptables rules directly. Not saying
> it won't work, but you'd learn more quickly by letting a firewall
> package construct a ruleset for you and then going back and
> looking at the rules it put together and figuring out what each
> rule does.
>
> --
> Rip Loomis - SAIC
> Brainbench MVP for Internet Security
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards_at_honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart
testing, only testing, and damn good at it too!
Received on Aug 13 2004