[SuSE Linux] Configuration for a firewall
Hi all, I'm trying to configure a firewall for protect my pc from the attacks via internet, specially for nukes and hacking by IRC. The pc is a stand-alone machine with no permanent connession in the Internet and with dynamic IP address assigned by the server. I have configured the system environment under YAST as listed above: FW_START <YES> FW_LOCALNETS <> FW_FTPSERVER, WWWSERVER SSLSERVER..... <> FW_WORLD DEV <PPP0> FW_INT_DEV <PPP0> FW_LOG_ACCEPT <NO> FW_LOG_DENY <YES> FW-ROUTER <> FW_FRIENDS<> FW_INOUT <YES> FW_REDIRECT <> FW_TCP_LOCK_PORTS <1:1023> FW_ UDP_LOCK_PORTS <1:1023> I have also recompiled the kernel including the features specified in the manual. Opening the file /var/log/messages, i have seen the following line: .... Nov 5 22:36:37 LocalHost in.telnetd[297]: connect from ... Nov 5 22:37:09 LocalHost login[298]: invalid password for `root' on `ttyp0' ... So i can see that the firewall do not block the access...so i should have made a mistake in the configuration... When i execute the script firewall winh the parameter "-list" i obtain: IP firewall input rules, default policy: accept IP firewall output rules, default policy: accept IP firewall forward rules, default policy: accept This should means that it is well configured or not? I have also heard that if a firewall is well configured, i should not be able to do a "ping" to other host connected in internet: it's true or false? In this conditions, i'm able to do this: the ping command runs correctly. How should I modify this configuration? How can I test the correct installation about the firewall? TIA Alessandro Avidano a.avidano@studenti.to.it - To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
participants (1)
-
a.avidano@studenti.to.it