=?iso-8859-1?Q?Marie-Th=E9r=E8se_Lorentzen?= writes.... > > Thank you! > My problem is that I have no idea how to set up a firewall using iptables. I > know there is something called ports, but I have no idea which ports I > should have open or closed. At the moment I have a modem, but I'm a little > nervous about having some backdoor open unbeknownst to me once we get ADSL > set up. > When I get a little extra time, I'll do a little research on it. Do you have > website that explains it in a rather basic way? There are a couple lines of thought on this: * Learn iptable rules, and how they work. It's "a learning experience." * Buy a cheap router. I chose the latter. Got a D-Link router for $39.00. By default, all ports are closed (I think). Then you open what you need. But I strongly suggest you not plug the modem cable directly into the NIC with NO firewall what-so-ever. I had a friend who disagreed with that using the logic of, "I only log on long enough to check my mail, then log off." He got hit. It doesn't take long. In the mean time, if you must connect, you might want to consider using 'lokkit' and setting it to 'high.' It'll block everything out, but it'll keep people out until you can get a good security method in place. > Marie-Thérèse > > -----Oprindelig meddelelse----- > Fra: shrek-m@xxxxxx [mailto:shrek-m@xxxxxx] > Sendt: 17. marts 2003 22:50 > Til: mtlorentzen@xxxxxxxxxx > Emne: Re: SV: Firewall Issue > > > Marie-Thérèse Lorentzen schrieb: > > Is there a way or a file in which one can look at to see what the firewall > > is set actually at? It would be nice to see with ones own eyes if it is > set > > to what one believes to have set it to - particularly if some sort of > > problem comes up at a later point. > > > > #iptables-save > > /etc/sysconfig/iptables > is for #service iptables start > > you can create your own,eg. > #iptables-save > /etc/sysconfig/iptables-own > > or restore, eg. > #iptables-restore < /etc/sysconfig/iptables-own > > -- > shrek-m > > > > -- > Psyche-list mailing list > Psyche-list@xxxxxxxxxx > https://listman.redhat.com/mailman/listinfo/psyche-list > -- Jay Crews jpc@xxxxxxxxxxxx -- Psyche-list mailing list Psyche-list@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/psyche-list
