[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Portsentry, ipchains and pmfirewall

Subject: [cobalt-security] Portsentry, ipchains and pmfirewall
From: Francisco Sánchez <lists@xxxxxxxxxxxxx>
Date: Thu, 17 Jan 2002 15:06:55 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Now I have installed on my RaQ3 ipchains and pmfirewall, along with
portsentry.

However there are a couple of things I don't have clear:

- 1.  When using ipchains, you can choose either to reject or deny
connections to a particular port.  However you can also allow connections to
a port to a given IP address and netmask.  That is what I have done with,
for expample, ssh.  My question here is, for those people who try now to
connect by ssh from an IP other than those allowed, what will the get,
reject or deny?

-2. Also, with portsentry, there is an ignore file, but I have seen that
after a restart or reboot, the entries you add there are deleted.  However,
the IP addresses for the machine and 127.0.0.1 are always there.  How can an
IP or IP range be added permanently to that file?

Thanks for any assitance.

Francisco

Follow-Ups:
- Re: [cobalt-security] Portsentry, ipchains and pmfirewall
  - From: Jacob
- Re: [cobalt-security] Portsentry, ipchains and pmfirewall
  - From: Gerald Waugh

Prev by Date: [cobalt-security] IMAP4rev1 v12.264
Next by Date: Re: [cobalt-security] Portsentry, ipchains and pmfirewall
Previous by thread: Re: [cobalt-security] IMAP4rev1 v12.264
Next by thread: Re: [cobalt-security] Portsentry, ipchains and pmfirewall

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index