Re: [cobalt-security] Portsentry, ipchains and pmfirewall



On Thu, 17 Jan 2002, Francisco Sánchez wrote:
> Now I have installed on my RaQ3 ipchains and pmfirewall, along with
> portsentry.
> 
> However there are a couple of things that are not clear to me:
> 
> - 1.  When using ipchains, you can choose either to reject or deny
> connections to a particular port.  However you can also allow connections to
> a port to a given IP address and netmask.  That is what I have done with,
> for example, ssh.  My question here is, for those people who try now to
> connect by ssh from an IP other than those allowed, what will they get,
> reject or deny?

They will get whatever you have, for example, ssh default set for.
   You need a rule to deny or reject ssh.

> -2. Also, with portsentry, there is an ignore file, but I have seen that
> after a restart or reboot, the entries you add there are deleted.  However,
> the IP addresses for the machine and 127.0.0.1 are always there.  How can an
> IP or IP range be added permanently to that file?

Can't help on this one, since I use ipchains, I don't use portsentry.

--
Gerald Waugh
Registered Linux User 255245
register at http://counter.li.org
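
Added example, not part of the original messages: a simplified Python model of first-match rule evaluation with fall-through to the chain policy, showing what a non-allowed ssh client gets with and without an explicit deny rule. The Rule class, the function names and the sample addresses are assumptions made for illustration; it matches on source address and destination port only and does not run ipchains.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    source: str   # CIDR the packet's source address must fall in
    dport: int    # destination TCP port the rule applies to
    target: str   # ACCEPT, DENY (silent drop) or REJECT (error returned)


def verdict(rules, policy, src_ip, dport):
    """First matching rule wins; if no rule matches, the chain policy applies."""
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        if rule.dport == dport and addr in ipaddress.ip_network(rule.source):
            return rule.target
    return policy


# Constructed sample data (RFC 5737 documentation address ranges).
ALLOW_ONLY = [Rule("192.0.2.0/24", 22, "ACCEPT")]
ALLOW_THEN_DENY = ALLOW_ONLY + [Rule("0.0.0.0/0", 22, "DENY")]


def audit(rules, policy, port=22):
    """Return what an allowed and a non-allowed client get on `port`."""
    return {
        "allowed": verdict(rules, policy, "192.0.2.10", port),
        "other": verdict(rules, policy, "198.51.100.7", port),
    }


if __name__ == "__main__":
    rule_sets = (("allow only", ALLOW_ONLY), ("allow + deny", ALLOW_THEN_DENY))
    for name, rules in rule_sets:
        for policy in ("ACCEPT", "DENY", "REJECT"):
            print(f"{name:13} policy={policy:6} -> {audit(rules, policy)}")
```

With only the allow rule, the result for other addresses follows the chain policy, so a policy of ACCEPT leaves ssh open to everyone; the explicit deny rule after the allow rule makes the outcome independent of the policy.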