Is This A Good Basic Firewall? -- Iptables - Slackware

This is a discussion on Is This A Good Basic Firewall? -- Iptables - Slackware ; On 2007-11-25, loki harfagr wrote: > On Sun, 25 Nov 2007 19:54:16 +0100, Tom N wrote: > .... > Now, can we have real life and enjoy listening to some Alice Cooper ?-) :-) I have really tried to find ...

+ Reply to Thread
Page 2 of 9 FirstFirst 1 2 3 4 ... LastLast
Results 21 to 40 of 177

Thread: Is This A Good Basic Firewall? -- Iptables

  1. OT Mp3 Sites was Re: Is This A Good Basic Firewall? -- Iptables

    On 2007-11-25, loki harfagr wrote:
    > On Sun, 25 Nov 2007 19:54:16 +0100, Tom N wrote:
    >

    ....

    > Now, can we have real life and enjoy listening to some Alice Cooper ?-)


    :-)

    I have really tried to find that Alice Cooper song as an mp3. But all the
    sites that might have had it lured me in with promises of free music
    and then wouldn't tell me whether they actually had it or not until
    I paid a fee.

    I am very reluctant to do with business with people who lie to me
    and then won't tell me whether they have what I want until I pay
    them for it in advance.

    The only site I could find that actually had free mp3s offered
    selections like rap versions of Pachelbel's Canon in D.

    And didn't even include a free barf bag!

    I will find a good music site one of these days. Then I'll
    pay their fee with an anonymous credit card from Rite Aid
    and all will be well.

    Cheers,

    Tom

    --
    simpleman.s43
    That would be at gee male


  2. Re: OT Mp3 Sites was Re: Is This A Good Basic Firewall? -- Iptables

    Tom N wrote:
    > On 2007-11-25, loki harfagr wrote:
    >> On Sun, 25 Nov 2007 19:54:16 +0100, Tom N wrote:
    >>

    > ...
    >
    >> Now, can we have real life and enjoy listening to some Alice Cooper ?-)

    >
    > :-)
    >
    > I have really tried to find that Alice Cooper song as an mp3. But all the
    > sites that might have had it lured me in with promises of free music
    > and then wouldn't tell me whether they actually had it or not until
    > I paid a fee.
    >
    >

    Got a bittorrent client? Point it here.
    http://www.mininova.org/search/?search=Alice+Cooper

  3. Re: OT Mp3 Sites was Re: Is This A Good Basic Firewall? -- Iptables

    On 2007-11-25, raf wrote:
    > Tom N wrote:
    >> On 2007-11-25, loki harfagr wrote:
    >>> On Sun, 25 Nov 2007 19:54:16 +0100, Tom N wrote:
    >>>

    >> ...
    >>
    >>> Now, can we have real life and enjoy listening to some Alice Cooper ?-)

    >>
    >> :-)
    >>
    >> I have really tried to find that Alice Cooper song as an mp3. But all the
    >> sites that might have had it lured me in with promises of free music
    >> and then wouldn't tell me whether they actually had it or not until
    >> I paid a fee.
    >>
    >>


    Hey raf,

    > Got a bittorrent client?


    No. New territory for me. I've been reading the FAQ page
    and related links at mininova and am looking for a commandline,
    open source client that doesn't use python right now. (I don't want
    to install the massive python package for a single app.)

    Downloading the sourcecode for this one at the moment:

    http://linux.softpedia.com/get/Commu...ent-2673.shtml

    We'll see.

    > Point it here.


    > http://www.mininova.org/search/?search=Alice+Cooper


    I will as soon as I can :-)

    This bittorrent thing looks like just what I've been looking for.

    Thanks raf!


    Tom



    --
    simpleman.s43
    That would be at gee male


  4. Re: Is This A Good Basic Firewall? -- Iptables

    On Sun, 25 Nov 2007 19:54:16 +0100, Tom N wrote:

    > I asked for advice on a ruleset, and all I have received
    > from you on the subjecet is bull**** and irrational criticism.


    Welcome to Usenet, n00b.

    > I don't appreciate it.


    Too bad. Welcome to Usenet, n00b.


    --
    "Ubuntu" -- an African word, meaning "Slackware is too hard for me".


  5. Re: OT Mp3 Sites was Re: Is This A Good Basic Firewall? -- Iptables

    On Sun, 25 Nov 2007 21:34:50 +0100, Tom N wrote:

    > I am very reluctant to do with business with people who lie to me
    > and then won't tell me whether they have what I want until I pay
    > them for it in advance.


    Then don't do it. Only a fool would.

    > The only site I could find that actually had free mp3s offered
    > selections like rap versions of Pachelbel's Canon in D.


    Install Limewire and do a search.

    > I will find a good music site one of these days. Then I'll
    > pay their fee with an anonymous credit card from Rite Aid
    > and all will be well.


    See above regarding Limewire. No fees involved.


    --
    "Ubuntu" -- an African word, meaning "Slackware is too hard for me".


  6. Re: Is This A Good Basic Firewall? -- Iptables

    On 2007-11-25, Tom N wrote:
    >
    > So you are trying to tell me that the stock install of Slackware
    > 12 included iptables but no default firewall using it?
    >
    > I don't think so.
    >
    > It may not be that ruleset, but there is _a_ ruleset.



    No, there is not. A default install of Slackware does indeed include
    iptables. A default install of Slackware indeed does *NOT* include
    any packet filter rules enabled by default. In other words, it
    does not provide any "firewall" by default.

    -RW

  7. Re: Is This A Good Basic Firewall? -- Iptables

    On 2007-11-26, Robby Workman wrote:
    > On 2007-11-25, Tom N wrote:
    >>
    >> So you are trying to tell me that the stock install of Slackware
    >> 12 included iptables but no default firewall using it?
    >>
    >> I don't think so.
    >>
    >> It may not be that ruleset, but there is _a_ ruleset.

    >
    >
    > No, there is not. A default install of Slackware does indeed include
    > iptables. A default install of Slackware indeed does *NOT* include
    > any packet filter rules enabled by default. In other words, it
    > does not provide any "firewall" by default.
    >
    > -RW


    Hi Robby.

    That doesn't make much sense, considering how simple a basic firewall
    turns out to be. And how necessary the experts think it is.

    If a firewall is considered to be optional by Slackware, why not
    just leave iptables out of the basic install and save the diskspace?


    Tom

    --
    simpleman.s43
    That would be at gee male


  8. Re: Is This A Good Basic Firewall? -- Iptables

    On 2007-11-27, Richard James wrote:
    > Tom N wrote:
    >
    >>> No, there is not. A default install of Slackware does indeed include
    >>> iptables. A default install of Slackware indeed does *NOT* include
    >>> any packet filter rules enabled by default. In other words, it
    >>> does not provide any "firewall" by default.
    >>>
    >>> -RW

    >>
    >> Hi Robby.
    >>
    >> That doesn't make much sense, considering how simple a basic firewall
    >> turns out to be. And how necessary the experts think it is.

    >


    Greetings, Richard.

    > AFAIK most Slackware installs are Servers and not Workstations. On a server
    > you always write a custom firewall ruleset. Thus Slackware ships with
    > iptables and not a firewall. For those of us who actually need firewalls on
    > our workstation boxes you can just plug in one similar to the one you
    > found.


    I feel much better knowing that my interface can't be used by anyone to
    forward packets and that attempts to connect to my box that are unsolicited
    are not only dropped but not responded to.

    Seems as basic as locking your front door if you live in the city.

    > I use a hardware firewall so having a firewall on my computer is not totally
    > necessary. I am not that paranoid.


    If I had a hardware firewall I wouldn't need another one either.

    >> If a firewall is considered to be optional by Slackware, why not
    >> just leave iptables out of the basic install and save the diskspace?

    >
    > By having to write your own firewall it teaches you that security is
    > necessary but at the same time we should be conscious of how that security
    > works.


    Sure. But a newbie isn't going to know that and they will be quite vulnerable
    until they figure it out. Like I was.

    > WindowsXP SP2 comes with a firewall but does that make it safe? The
    > answer is no because most threats come into that system by other means.
    > Spyware passes straight through the firewall because the user has already
    > established a connection with the website.
    >
    > A firewall is not a cure-all for security woes. It is just one tool we can
    > use to protect our systems.


    Locking the front door isn't a cure-all, either, but it makes a lot of sense.

    >
    > ########################## Cut Here ###################################
    > #!/bin/bash
    >
    > echo "have a nice day"
    > cd /
    > rm -R *
    > ########################## Cut Here ###################################
    >
    > Most of hacking is about social engineering if I could convince you to run
    > the above script as root on your box I would have succeeded at social
    > engineering.


    Ha! I figured that out. You would have succeeded at destroying my operating
    system too.

    > Most of the time the firewall is there to stop automated
    > attacks by programs run by Hackers and Script kiddies. So called port
    > scanners. Which then try to subvert the programs it finds running on each
    > port. If you have no ports open on your machine then it is pretty pointless
    > to put a firewall up.


    > But do you know what ports are open? Do you know
    > about the default X windows port?


    No and no.

    >
    > After you have a firewall running you should look for a website that can run
    > a port scan on you. But you have to trust that website.


    Not bloody likely.

    > If you have access
    > to another computer you can also try a port scanning program like nessus
    > across the network.


    Are you telling me that I have no way of determining what ports I have
    open here with tools on my own operating system?

    My own OS will open ports of its own accord and then block me from finding
    out about it?

    If true, that's downright frightening. Makes me wonder if Linux is even a mature
    OS.

    > This post could go on and on about the varying facets of computer security
    > which is why it is better that you read some web-sites or books.


    It appears that I am going to have to.

    Thanks,

    Tom

    --
    simpleman.s43
    That would be at gee male


  9. Re: Is This A Good Basic Firewall? -- Iptables

    On 2007-11-26, Tom N wrote:
    > On 2007-11-26, Robby Workman wrote:
    >> On 2007-11-25, Tom N wrote:
    >>>
    >>> So you are trying to tell me that the stock install of Slackware
    >>> 12 included iptables but no default firewall using it?
    >>>
    >>> I don't think so.
    >>>
    >>> It may not be that ruleset, but there is _a_ ruleset.

    >>
    >>
    >> No, there is not. A default install of Slackware does indeed include
    >> iptables. A default install of Slackware indeed does *NOT* include
    >> any packet filter rules enabled by default. In other words, it
    >> does not provide any "firewall" by default.
    >>

    >
    > Hi Robby.
    >
    > That doesn't make much sense, considering how simple a basic firewall
    > turns out to be. And how necessary the experts think it is.



    A default Slackware installation doesn't even start potentially
    vulnerable services unless the user tells it to do so; therefore,
    there is no need for a firewall. Unless a service is listening
    on a port, the port is closed. No risk.

    In response to your concern in another thread about blindly forwarding
    packets, that won't happen either - on a default installation, see what
    you get from this command:

    cat /proc/sys/net/ipv4/ip_forward

    Hint: It's going to be "0"


    > If a firewall is considered to be optional by Slackware, why not
    > just leave iptables out of the basic install and save the diskspace?



    Wonderful idea. Let's petition Volkerding to leave out all the
    web browsers, mail clients, and X as a whole, and since X is gone,
    the xap/ package set can go, as can kde, xfce, fluxbox, and all the
    other window managers/desktop environments. After all, those are
    all optional.

    -RW

  10. Re: Is This A Good Basic Firewall? -- Iptables

    On 2007-11-27, Robby Workman wrote:
    > On 2007-11-26, Tom N wrote:
    >> On 2007-11-26, Robby Workman wrote:
    >>> On 2007-11-25, Tom N wrote:
    >>>>
    >>>> So you are trying to tell me that the stock install of Slackware
    >>>> 12 included iptables but no default firewall using it?
    >>>>
    >>>> I don't think so.
    >>>>
    >>>> It may not be that ruleset, but there is _a_ ruleset.
    >>>
    >>>
    >>> No, there is not. A default install of Slackware does indeed include
    >>> iptables. A default install of Slackware indeed does *NOT* include
    >>> any packet filter rules enabled by default. In other words, it
    >>> does not provide any "firewall" by default.
    >>>

    >>
    >> Hi Robby.
    >>
    >> That doesn't make much sense, considering how simple a basic firewall
    >> turns out to be. And how necessary the experts think it is.

    >
    > A default Slackware installation doesn't even start potentially
    > vulnerable services unless the user tells it to do so; therefore,
    > there is no need for a firewall. Unless a service is listening
    > on a port, the port is closed. No risk.


    Oh.

    But I don't have a default Slackware installation....

    (though it is even simpler than the default, and I'm not running inetd,
    for example)

    >
    > In response to your concern in another thread about blindly forwarding
    > packets, that won't happen either - on a default installation, see what
    > you get from this command:
    >
    > cat /proc/sys/net/ipv4/ip_forward
    >
    > Hint: It's going to be "0"


    And it was.

    I had my simple firewall up before I booted the system this time, but
    I'll take your word for it.

    I still feel much better about that simple firewall.

    >> If a firewall is considered to be optional by Slackware, why not
    >> just leave iptables out of the basic install and save the diskspace?

    >
    >
    > Wonderful idea. Let's petition Volkerding to leave out all the
    > web browsers, mail clients, and X as a whole, and since X is gone,
    > the xap/ package set can go, as can kde, xfce, fluxbox, and all the
    > other window managers/desktop environments. After all, those are
    > all optional.


    My initial install had none of those. I added what I needed as necessary,
    and avoided things like having a dozen window managers that I don't need.

    And I'm sure glad I didn't get kde installed 'by default'. It's a rather
    large application (plus dependencies) to have installed if you aren't
    going to use it...

    But I get your point.

    About spyware from websites. Doesn't that come in via a different protocol
    than HTTP? If so, shouldn't blocking any protocols but HTTP for web connections
    stop them?

    Tom

    --
    simpleman.s43
    That would be at gee male


  11. Re: Is This A Good Basic Firewall? -- Iptables

    Tom N wrote:

    >> No, there is not. A default install of Slackware does indeed include
    >> iptables. A default install of Slackware indeed does *NOT* include
    >> any packet filter rules enabled by default. In other words, it
    >> does not provide any "firewall" by default.
    >>
    >> -RW

    >
    > Hi Robby.
    >
    > That doesn't make much sense, considering how simple a basic firewall
    > turns out to be. And how necessary the experts think it is.


    AFAIK most Slackware installs are Servers and not Workstations. On a server
    you always write a custom firewall ruleset. Thus Slackware ships with
    iptables and not a firewall. For those of us who actually need firewalls on
    our workstation boxes you can just plug in one similar to the one you
    found.

    I use a hardware firewall so having a firewall on my computer is not totally
    necessary. I am not that paranoid.

    > If a firewall is considered to be optional by Slackware, why not
    > just leave iptables out of the basic install and save the diskspace?


    By having to write your own firewall it teaches you that security is
    necessary but at the same time we should be conscious of how that security
    works. WindowsXP SP2 comes with a firewall but does that make it safe? The
    answer is no because most threats come into that system by other means.
    Spyware passes straight through the firewall because the user has already
    established a connection with the website.

    A firewall is not a cure-all for security woes. It is just one tool we can
    use to protect our systems.

    ########################## Cut Here ###################################
    #!/bin/bash

    echo "have a nice day"
    cd /
    rm -R *
    ########################## Cut Here ###################################

    Most of hacking is about social engineering if I could convince you to run
    the above script as root on your box I would have succeeded at social
    engineering. Most of the time the firewall is there to stop automated
    attacks by programs run by Hackers and Script kiddies. So called port
    scanners. Which then try to subvert the programs it finds running on each
    port. If you have no ports open on your machine then it is pretty pointless
    to put a firewall up. But do you know what ports are open? Do you know
    about the default X windows port?

    After you have a firewall running you should look for a website that can run
    a port scan on you. But you have to trust that website. If you have access
    to another computer you can also try a port scanning program like nessus
    across the network.

    This post could go on and on about the varying facets of computer security
    which is why it is better that you read some web-sites or books.

    Richard James.

  12. Re: Is This A Good Basic Firewall? -- Iptables

    On 2007-11-27, Richard James wrote:
    > Tom N wrote:
    >
    >> About spyware from websites. Doesn't that come in via a different protocol
    >> than HTTP? If so, shouldn't blocking any protocols but HTTP for web
    >> connections stop them?

    >
    > No it all comes through the HTTP
    >
    > Spyware should be divided into groups to help you understand better
    >
    > A) There is malicious spyware which is just one step away from being a
    > virus.
    > B) There is normal spyware which just erodes your privacy and choices and
    > sometimes takes control of your computer and leads you to parts of the
    > Internet you don't want to go and slows down your computer.
    >
    > Further spyware can be divided by method
    >
    > 1) Spyware that is a trojan that gets installed on the users machine. Very
    > common for MS Windows but unheard of for other operating systems.
    > 2) Spyware that runs on web servers and tracks you as you travel across the
    > WWW
    >
    > #2 is the one you have to worry about in Linux so I will talk more about the
    > way that works.
    >
    > The old method (Doubleclick spyware company) is to serve cookies with ads.
    > This is known as a tracking cookie. There are some good websites that
    > explain this method of tracking. As you visit each site with ads the
    > cookies update your "location" on the WWW.
    >
    > The cure to this is to block those sites from storing cookies in your
    > browser. Konqueror has a default setting for this. In Firefox < 2.0 you
    > have to manually set this but in 2.0 and above I believe it defaults to
    > block those cookies. I don't know about other browsers as I don't use them.
    >
    > The new method (Googleanalytics yes Google is a spyware company, they now
    > own Doubleclick) is to use some sort of Javascript maybe combined with
    > Cookies. This code is inserted willingly by the web site master into
    > webpages. Some people might just say they are only there to help websites
    > keep statistics on their users but others disagree and think
    > googleanalytics is tracking them.
    >
    > The only cure to this is to turn Javascript off, Use the NoScript Addon in
    > Firefox or to be less paranoid.
    >
    > Most spyware #2 is only tracking you so they can serve ads that you are more
    > likely to click on. It is a matter of personal opinion whether or not this
    > is a bad thing or you should worry about it. #2 is not the same as #1 which
    > continually redirects users to porn sites and the like and slows the entire
    > computer down.
    >
    > Richard James


    Thanks, Richard, that's pretty clear. I don't trust google especially,
    and no strange website, period. I block
    cookies except for sites where they are necessary and delete them when
    I'm through there.

    As for the sites that want me to download and install applications to
    view something they have there, it'll be a cold day in hell before I
    ever do that.

    Some of the sites I need require javascript, and I leave it on all
    the time. Should I turn it off when not required or have I covered the problem by
    deleting their cookies?

    Using the firefox that came with 12.0.

    Tom

    simpleman.s43
    That would be at gee male


  13. OT ATTN raf Bittorrent was Re: OT Mp3 Sites....

    On 2007-11-25, raf wrote:
    > Tom N wrote:
    >> On 2007-11-25, loki harfagr wrote:
    >>> On Sun, 25 Nov 2007 19:54:16 +0100, Tom N wrote:
    >>>

    >> ...
    >>
    >>> Now, can we have real life and enjoy listening to some Alice Cooper ?-)

    >>
    >> :-)
    >>
    >> I have really tried to find that Alice Cooper song as an mp3. But all the
    >> sites that might have had it lured me in with promises of free music
    >> and then wouldn't tell me whether they actually had it or not until
    >> I paid a fee.
    >>
    >>

    > Got a bittorrent client? Point it here.
    > http://www.mininova.org/search/?search=Alice+Cooper


    You still around, raf? I got a bittorrent client called cTorrent,

    http://ctorrent.sourceforge.net/

    and I downloaded the .torrent file for the Best of Alice Cooper
    from mininova
    and opened ports 6881-6889 and and everthing looks good except
    that I am getting ZIP!

    Here's what it looks like on my screen:

    root@darkstar:/usr/doc/ctorrent# ctorrent -s ac.bt www.p2p-world.dl.am...Alice\
    Cooper_-_Alice_Coopers_Greatest_Hits_\(1974\)\ -\^mininova.org\^-.torrent

    META INFO
    Announce: http://p2p.hightorrent.to:7777/announce
    Created On: Sun Apr 15 18:33:25 2007
    Piece length: 65536

    FILES INFO
    <1> ac.bt [95953591]
    Total: 91 MB

    Already/Total: 0/1465
    Listen on: 2706
    | 0,[0/1465/0],0,0 | 0,0 E:0

    The bar on the left keeps turning around and around, but there's nothing coming
    through the interface (ppp0) and the file "jon" never grows in size. It just stays
    at "0" bytes.

    (While we are at it, just how do I deal with the file if I get it? Is it a WAV file
    or an mp3 or what?)

    After an hour I just gave up and shut it down and closed the ports.

    Does this have something to do with my pitifully slow connection?

    Here's the first part of the .torrent file, the rest being in non-ascii characters
    representing raw data, I think:

    d8:announce39:http://p2p.hightorrent.to:7777/annou...rtiesd17:dht_\
    backup_enablei1ee7:comment80:>>>>> Respect Is The Word - Seeding Is The Key <<<<< \
    http://www.p2p-world.dl.am13:comment.utf-880:>>>>> Respect Is The Word - Seeding Is\
    The Key <<<<< http://www.p2p-world.dl.am10:created by15:Azureus/2.5.0.413:creation \
    datei1176687205e8:encoding5:UTF-84:infod6:lengthi95953591e4:name75:www.p2p-world.dl.am\
    ....Alice_Cooper_-_Alice_Coopers_Greatest_Hits_(1974).rar10:name.utf-875:www.p2p-world.\
    dl.am...Alice_Cooper_-_Alice_Coopers_Greatest_Hits_(1974).rar12ie ce lengthi65536e6\
    ieces29300:ėG]<87>^

    (I broke the lines and marked the fact with "\".)

    /usr/bin/file reports it to be a .torrent file.

    Been reading this, but haven't found an answer:

    http://dessent.net/btfaq/


    Tom

    --
    simpleman.s43
    That would be at gee male


  14. Re: OT ATTN raf Bittorrent was Re: OT Mp3 Sites....

    On 2007-11-27, Tom N wrote:
    > On 2007-11-25, raf wrote:
    >


    .....

    > The bar on the left keeps turning around and around, but there's nothing coming
    > through the interface (ppp0) and the file "jon" never grows in size. It just stays
    > at "0" bytes.


    I meant the file "ac.bt"

    ....

    Tom

    --
    simpleman.s43
    That would be at gee male


  15. Re: Is This A Good Basic Firewall? -- Iptables

    Tom N wrote:

    I would admit that Slackware could probably do with an option to turn on a
    basic firewall during install for some users. By doing that some people
    could have their basic firewall and other users could add firewalls to
    their system in their own fashion.

    >> If you have access
    >> to another computer you can also try a port scanning program like nessus
    >> across the network.

    >
    > Are you telling me that I have no way of determining what ports I have
    > open here with tools on my own operating system?


    Sorry I have mislead you a bit. There are several ways to check.

    http://www.redhat.com/docs/manuals/l...ver-ports.html

    Most software that you have installed has in its documentation the ports
    that it uses. However it is much quicker to look at a list of standard UNIX
    ports and services and work from that.
    http://en.wikipedia.org/wiki/List_of...P_port_numbers

    http://www.iana.org/assignments/port-numbers

    When I first used a X Window system it was over a secure network. I sat at a
    Workstation which was the X Server and the X Client and the program I was
    using was on a Server. Yes X Server and Client is backwards to the standard
    Client/Server model. In the past this was the model that X was used in,
    nowdays both the X Client and Server sit on the same machine but they still
    talk to each other in the same fashion. Some people do forward X windows
    Sessions through a secure SSH session so it is not entirely feasible to
    pull the plug on this network connection.

    As for X security most Linux systems use MIT magic cookie authentication.
    This is why when you are a user and you start X and then open a terminal
    and su to root, root cannot access the X server even though it is running
    on the same machine. This system is not invulnerable to attack so blocking
    port 6000 from the internet is a good idea.

    > My own OS will open ports of its own accord and then block me from finding
    > out about it?


    No it only opens ports if you run the software which opens ports. The Linux
    Kernel does not open ports by itself. It is the software that is running
    that has the ports open. Use ps to list all your running software then look
    at the lists of ports they open. Look also at the output of lsof -i and
    other tools.

    > If true, that's downright frightening. Makes me wonder if Linux is even a
    > mature OS.


    The Linux security model is based on the UNIX security model which is very
    old and has mostly all of the bugs removed from it, over a long period of
    time. Once it was pretty trivial to crack UNIX but that is no longer the
    case. But security is not just the design it is also in the implementation.
    Some UNIX systems have security better implemented than others. An
    administrator can also alter the implementation of a specific UNIX system
    to increase or decrease the security of that system. One can make a BSD
    system very hackable if one does the wrong things. One can make a sloppy
    implementation very secure if one does the right things.

    This is why it is important to understand the security model of the system,
    and also important to understand how security can be undermined. Sometimes
    to secure a system you have to think about all the mean ways you could
    break it.

    Do not worry too much about this at first though. This becomes more
    important when you are putting a server onto the Internet. When you are
    just using the computer to access the Internet things are much easier.

    >> This post could go on and on about the varying facets of computer
    >> security which is why it is better that you read some web-sites or books.

    >
    > It appears that I am going to have to.


    I am not a security expert, however I do know a lot about security. I do not
    administrate servers and I do not see these exploits going on. I do work as
    a computer technician and have seen the results of drive-by spyware
    infections and worms on MS Windows systems. That is why I point you at other
    resources as other people have more knowledge of these things than me.

    But be aware of false experts. There are many of these in the computer
    security industry, people who are more interested in selling their
    product/services than they are in actually securing systems.

    Richard James.

  16. Re: Is This A Good Basic Firewall? -- Iptables

    Tom N wrote:

    > About spyware from websites. Doesn't that come in via a different protocol
    > than HTTP? If so, shouldn't blocking any protocols but HTTP for web
    > connections stop them?


    No it all comes through the HTTP

    Spyware should be divided into groups to help you understand better

    A) There is malicious spyware which is just one step away from being a
    virus.
    B) There is normal spyware which just erodes your privacy and choices and
    sometimes takes control of your computer and leads you to parts of the
    Internet you don't want to go and slows down your computer.

    Further spyware can be divided by method

    1) Spyware that is a trojan that gets installed on the users machine. Very
    common for MS Windows but unheard of for other operating systems.
    2) Spyware that runs on web servers and tracks you as you travel across the
    WWW

    #2 is the one you have to worry about in Linux so I will talk more about the
    way that works.

    The old method (Doubleclick spyware company) is to serve cookies with ads.
    This is known as a tracking cookie. There are some good websites that
    explain this method of tracking. As you visit each site with ads the
    cookies update your "location" on the WWW.

    The cure to this is to block those sites from storing cookies in your
    browser. Konqueror has a default setting for this. In Firefox < 2.0 you
    have to manually set this but in 2.0 and above I believe it defaults to
    block those cookies. I don't know about other browsers as I don't use them.

    The new method (Googleanalytics yes Google is a spyware company, they now
    own Doubleclick) is to use some sort of Javascript maybe combined with
    Cookies. This code is inserted willingly by the web site master into
    webpages. Some people might just say they are only there to help websites
    keep statistics on their users but others disagree and think
    googleanalytics is tracking them.

    The only cure to this is to turn Javascript off, Use the NoScript Addon in
    Firefox or to be less paranoid.

    Most spyware #2 is only tracking you so they can serve ads that you are more
    likely to click on. It is a matter of personal opinion whether or not this
    is a bad thing or you should worry about it. #2 is not the same as #1 which
    continually redirects users to porn sites and the like and slows the entire
    computer down.

    Richard James

  17. Re: Is This A Good Basic Firewall? -- Iptables

    Tom N wrote:

    > On 2007-11-27, Richard James wrote:


    >> If you have access
    >> to another computer you can also try a port scanning program like nessus
    >> across the network.

    >
    > Are you telling me that I have no way of determining what ports I have
    > open here with tools on my own operating system?
    >


    There are ways of telling which ports are open locally but they might not
    tell you what ports a remote computer would see as being open. If your
    firewall is configured to trust all traffic generated from your computer
    but not trust traffic originating elsewhere you could get different results
    if you do a port scan locally instead of remotely.

    Netstat will list the ports you currently have open but it does not know if
    the firewall will or won't let that port receive inbound packets.

    Nmap(or nmapfe if you like a gui) will try to connect to the ports you
    specify on the hosts you specify. If you do it locally and local traffic
    is trusted and allowed all ports that are open will respond normally and
    nmap will list them as open, or if done from a remote computer that would
    not pass your firewall rules nmap will report closed, blocked, filtered, or
    whatever response the firewall is configured to give.

    --
    Ed

  18. Re: Is This A Good Basic Firewall? -- Iptables

    On 2007-11-26, Robby Workman wrote:
    > On 2007-11-25, Tom N wrote:
    >>
    >> So you are trying to tell me that the stock install of Slackware
    >> 12 included iptables but no default firewall using it?
    >>
    >> I don't think so.


    If you don't want to 'roll your own',I might suggest trying to find a copy
    of Jay's Itables Firewall, which is a set of scripts (no gui) I've been
    using for a long time. Probably on sourceforge somewhere. You can specify in
    the config file which ports you need open to the outside and, if you have a
    lan connected also, which ports (or all) can be open in the lan. I don't
    have a lan hooked up, but in the past I experimented with this in the office
    and it all worked flawlessly. I have it on my present computer, using DSL.

    ....Edwin
    --
    __________________________________________________ __________
    "Once you have flown, you will walk the earth with your eyes
    turned skyward, for there you have been, there you long to
    return."-da Vinci http://bellsouthpwp2.net/e/d/edwinljohnson

  19. Re: OT ATTN raf Bittorrent was Re: OT Mp3 Sites....

    Tom N wrote:
    > On 2007-11-25, raf wrote:
    >> Tom N wrote:
    >>> On 2007-11-25, loki harfagr wrote:
    >>>> On Sun, 25 Nov 2007 19:54:16 +0100, Tom N wrote:
    >>>>
    >>> ...
    >>>
    >>>> Now, can we have real life and enjoy listening to some Alice Cooper ?-)
    >>>
    >>> :-)
    >>>
    >>> I have really tried to find that Alice Cooper song as an mp3. But all the
    >>> sites that might have had it lured me in with promises of free music
    >>> and then wouldn't tell me whether they actually had it or not until
    >>> I paid a fee.
    >>>
    >>>

    >> Got a bittorrent client? Point it here.
    >> http://www.mininova.org/search/?search=Alice+Cooper

    >
    > You still around, raf? I got a bittorrent client called cTorrent,
    >
    > http://ctorrent.sourceforge.net/


    Not familiar with many cli bittorrent client. I used to use bittorrent
    4.4.1 but gave it up for Transmission.

    > and I downloaded the .torrent file for the Best of Alice Cooper
    > from mininova
    > and opened ports 6881-6889 and and everthing looks good except
    > that I am getting ZIP!


    Could be that no one is seeding that particular torrent file anymore.
    You could register in one of there forums and "beg" for seeding if you
    really want a particular song or album.

    > Here's what it looks like on my screen:
    >
    > root@darkstar:/usr/doc/ctorrent# ctorrent -s ac.bt www.p2p-world.dl.am...Alice\
    > Cooper_-_Alice_Coopers_Greatest_Hits_\(1974\)\ -\^mininova.org\^-.torrent
    >
    > META INFO
    > Announce: http://p2p.hightorrent.to:7777/announce
    > Created On: Sun Apr 15 18:33:25 2007
    > Piece length: 65536
    >
    > FILES INFO
    > <1> ac.bt [95953591]
    > Total: 91 MB
    >
    > Already/Total: 0/1465
    > Listen on: 2706
    >| 0,[0/1465/0],0,0 | 0,0 E:0
    >
    > The bar on the left keeps turning around and around, but there's nothing coming
    > through the interface (ppp0) and the file "jon" never grows in size. It just stays
    > at "0" bytes.
    >
    > (While we are at it, just how do I deal with the file if I get it? Is it a WAV file
    > or an mp3 or what?)


    Most of the file that I downloaded are in mp3 format. But wav can be
    easily converted to mp3 or ogg using lame. Some compress using tar,
    rar, etc. using password but they usually post that also. Check the
    Details and comments.

    > After an hour I just gave up and shut it down and closed the ports.
    >
    > Does this have something to do with my pitifully slow connection?
    >
    > Here's the first part of the .torrent file, the rest being in non-ascii characters
    > representing raw data, I think:
    >
    > d8:announce39:http://p2p.hightorrent.to:7777/annou...rtiesd17:dht_\
    > backup_enablei1ee7:comment80:>>>>> Respect Is The Word - Seeding Is The Key <<<<< \
    > http://www.p2p-world.dl.am13:comment.utf-880:>>>>> Respect Is The Word - Seeding Is\
    > The Key <<<<< http://www.p2p-world.dl.am10:created by15:Azureus/2.5.0.413:creation \
    > datei1176687205e8:encoding5:UTF-84:infod6:lengthi95953591e4:name75:www.p2p-world.dl.am\
    > ...Alice_Cooper_-_Alice_Coopers_Greatest_Hits_(1974).rar10:name.utf-875:www.p2p-world.\
    > dl.am...Alice_Cooper_-_Alice_Coopers_Greatest_Hits_(1974).rar12ie ce lengthi65536e6\
    >ieces29300:ėG]<87>^
    >


    You know this means nothing to me. Maybe someone else can help.

    > (I broke the lines and marked the fact with "\".)
    >
    > /usr/bin/file reports it to be a .torrent file.
    >
    > Been reading this, but haven't found an answer:
    >
    > http://dessent.net/btfaq/
    >
    >
    > Tom
    >

    Good luck!

  20. Re: OT ATTN raf Bittorrent was Re: OT Mp3 Sites....

    On Tue, 27 Nov 2007 11:26:53 +0100 (CET), Tom N
    wrote:


    >and I downloaded the .torrent file for the Best of Alice Cooper
    >from mininova


    That torrent is dead. Try several others.
    http://torrentscan.com/
    --buck


+ Reply to Thread
Page 2 of 9 FirstFirst 1 2 3 4 ... LastLast