Re: [cobalt-security] Portsentry, ipchains and pmfirewall
- Subject: Re: [cobalt-security] Portsentry, ipchains and pmfirewall
- From: Jacob <jacob@xxxxxxxxxx>
- Date: 17 Jan 2002 14:26:54 +0000
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
The ipchains rules are read from top to bottom. The first rule to match
is used, and no other rules are read.
So if you want to allow access to a port only by certain hosts, have a
rule at the top that allows this access, and have another rule following
it denying access to everyone.
J.
On Thu, 2002-01-17 at 14:06, Francisco Sánchez wrote:
> Now I have installed on my RaQ3 ipchains and pmfirewall, along with
> portsentry.
>
> However there are a couple of things I don't have clear:
>
> - 1. When using ipchains, you can choose either to reject or deny
> connections to a particular port. However you can also allow connections to
> a port to a given IP address and netmask. That is what I have done with,
> for example, ssh. My question here is, for those people who try now to
> connect by ssh from an IP other than those allowed, what will they get,
> reject or deny?
>
> - 2. Also, with portsentry, there is an ignore file, but I have seen that
> after a restart or reboot, the entries you add there are deleted. However,
> the IP addresses for the machine and 127.0.0.1 are always there. How can an
> IP or IP range be added permanently to that file?
>
> Thanks for any assistance.
>
> Francisco
>
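
Added example, not part of the original thread: a small Python model of the first-match evaluation described in the reply, run against constructed rule sets. The `Rule` class, the `evaluate` function, the addresses and the rule sets are assumptions made for illustration; real ipchains rules match on more fields than source address and port.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:
    source: str   # CIDR the packet's source address must fall in
    port: int     # destination TCP port the rule applies to
    target: str   # ACCEPT, DENY (silent drop) or REJECT (ICMP error sent back)

def evaluate(chain, policy, src_ip, dst_port):
    """Return the target of the first matching rule, else the chain policy."""
    addr = ipaddress.ip_address(src_ip)
    for rule in chain:
        if rule.port == dst_port and addr in ipaddress.ip_network(rule.source):
            return rule.target  # first match wins; later rules are never read
    return policy               # nothing matched: the chain's default applies

# Constructed rule sets using documentation address ranges.
# Roughly equivalent commands for the first set:
#   ipchains -A input -p tcp -s 192.0.2.0/24 -d 0/0 22 -j ACCEPT
#   ipchains -A input -p tcp -s 0/0 -d 0/0 22 -j DENY
ALLOW_THEN_DENY = [
    Rule("192.0.2.0/24", 22, "ACCEPT"),
    Rule("0.0.0.0/0", 22, "DENY"),
]
# Same rules in the wrong order: the catch-all shadows the allow rule.
DENY_THEN_ALLOW = list(reversed(ALLOW_THEN_DENY))
# Allow rule with no explicit block after it: other hosts hit the policy.
ALLOW_ONLY = [Rule("192.0.2.0/24", 22, "ACCEPT")]

if __name__ == "__main__":
    cases = [
        ("allow, then deny", ALLOW_THEN_DENY, "ACCEPT"),
        ("deny, then allow", DENY_THEN_ALLOW, "ACCEPT"),
        ("allow only, policy ACCEPT", ALLOW_ONLY, "ACCEPT"),
        ("allow only, policy REJECT", ALLOW_ONLY, "REJECT"),
    ]
    for name, chain, policy in cases:
        for src in ("192.0.2.10", "203.0.113.5"):
            print(f"{name:28} {src:13} -> {evaluate(chain, policy, src, 22)}")
```

With only the allow rule in place, a host outside the allowed range gets whatever the chain policy is, so an ACCEPT policy leaves the port open to everyone.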