Sarah D. illuminated alt.os.linux.ubuntu by typing:
> Does Kubuntu have a built-in firewall of some sort? I can completely
> turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
> it indicates that all my ports are closed except for a few that are
> stealth.
>
> Sure would appreciate any insight into what's going on......

I don't know too much about Kubuntu, but Ubuntu is pretty much locked
down from the off.

All (or very close to all) ports are only opened on a "per application"
basis. For instance, Run firefox, port 80 will open. Close it. Port 80
will close.

However, you'll need to do a bit of a sniff just to make sure. nmap
is a good place to start.

If you find any ports open that you aren't expecting (other than the
usual 110, 22, 80 etc) then you may want to run firestarter (or
preferably restart guarddog)

--
Moog

"If this is gonna be that kinda party I'm gonna stick my dick in the
mashed potatoes"

On Sun, 13 Apr 2008 16:21:03 -0500, Sarah D. wrote:
> Does Kubuntu have a built-in firewall of some sort? I can completely
> turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
> it indicates that all my ports are closed except for a few that are
> stealth.
>
> Sure would appreciate any insight into what's going on......

With the firewall off, those results you see are because there are no
applications listing on those "closed" ports.

Once you start services/applications which listen for connections,
those "ports" become open.

Stealth, is a misnomer, it means the port accepted the connection but
did not respond to the probe. Filtered is the same thing.

Example I have sshd running with my firewall blocking everything
but one ip on the ssh port. It is filtering but GRC indicates stealth.

"Sarah D." wrote in message
news:ftttgf$frl$1@news.albasani.net...
> Does Kubuntu have a built-in firewall of some sort? I can completely
> turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
> it indicates that all my ports are closed except for a few that are
> stealth.
>
> Sure would appreciate any insight into what's going on......
>
>
>
>

That would indicate something is consuming packets addressed to certain
ports but not others.

A closed port indicates a reply was sent to the probe but it was a reject.
Stealth indicates that either the probe never got there, or that it was
ignored, or that the reply never got back.

As closed ports suggests, as you say, that you are not running a firewall so
I am left wondering where the stealth ports come from.
If it had indicated closed on all ports I wouldn't have worried but I would
investigate what is happening on your system.
It may just be your ISP blocking some ports.
If you post the ports and your ISP someone will know.

On 2008-04-13, Moog wrote:
> Sarah D. illuminated alt.os.linux.ubuntu by typing:
>> Does Kubuntu have a built-in firewall of some sort? I can completely
>> turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
>> it indicates that all my ports are closed except for a few that are
>> stealth.
>>
>> Sure would appreciate any insight into what's going on......
>
> I don't know too much about Kubuntu, but Ubuntu is pretty much locked
> down from the off.
>
> All (or very close to all) ports are only opened on a "per application"
> basis. For instance, Run firefox, port 80 will open. Close it. Port 80
> will close.

Firefox does not listen on port 80. It does not open any local ports.

i

> However, you'll need to do a bit of a sniff just to make sure. nmap
> is a good place to start.
>
> If you find any ports open that you aren't expecting (other than the
> usual 110, 22, 80 etc) then you may want to run firestarter (or
> preferably restart guarddog)
>

Sarah D. wrote:

> Does Kubuntu have a built-in firewall of some sort? I can
> completely turn off Guarddog (IP Tables or IP Chains) and then go to
> GRC.com and it indicates that all my ports are closed except for a
> few that are stealth.
>
> Sure would appreciate any insight into what's going on......




It looks like Firestarter was being started on boot. I modified the
ports on this firewall and all started working ok.

Sarah D. wrote:
> Does Kubuntu have a built-in firewall of some sort? I can completely
> turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
> it indicates that all my ports are closed except for a few that are
> stealth.
>
> Sure would appreciate any insight into what's going on......
>
>
>

Hi Sarah D.
Just a suggestion.
I have firewall turned off.
I rely on my Netgear ADSL broad band modem to protect my computer.
Steve Gibson's ShieldsUp utility gives me stealth all the way,
then complements that my box is so secure that it seems to be turned off.
I am open to being advised of any weakness here.
Keep smilling.
Don.

"Sarah D." wrote:
>


Well, the blocked ports/stealthed ports are mostly from ur ISP blocking them at their end.

If i turn off the iptables firewall then some are stealthed and some are just closed.

By Default the Firewall is actually iptables - guarddog and firestarter are just a GUI for it.

Also by default iptables is NOT setup.

IF u want a script that's simple and easy to edit install arno-iptables-firewall in the repositories.

To set-up logging for arno-iptables-firewall for ur own rules see my site http://www.freewebs.com/gutsygibbon



So yes in ubuntu/kubuntu there is a firewall but it's not activated by default

Also if you search the web u can learn how to write ur own script and have it save on reboot.

Arno-iptables-firewall gives in to both worlds.

GUI = editing firewall.conf and custom-rules in /etc/arno-iptables-firewall with ur local script editor.

&

custom-rules - add ur own rules.




Posted Via Usenet.com Premium Usenet Newsgroup Services
----------------------------------------------------------
** SPEED ** RETENTION ** COMPLETION ** ANONYMITY **
----------------------------------------------------------
http://www.usenet.com

"Ignoramus17674" wrote in message
newsfOdnTC8KoYbEJ_VnZ2dnUVZ_qTinZ2d@giganews.com...
> On 2008-04-13, Moog wrote:
>> Sarah D. illuminated alt.os.linux.ubuntu by typing:
>>> Does Kubuntu have a built-in firewall of some sort? I can completely
>>> turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
>>> it indicates that all my ports are closed except for a few that are
>>> stealth.
>>>
>>> Sure would appreciate any insight into what's going on......
>>
>> I don't know too much about Kubuntu, but Ubuntu is pretty much locked
>> down from the off.
>>
>> All (or very close to all) ports are only opened on a "per application"
>> basis. For instance, Run firefox, port 80 will open. Close it. Port 80
>> will close.
>
> Firefox does not listen on port 80. It does not open any local ports.

Any application using the internet has to have ports open and receiving
packets.
Probably not port 80 I agree, but open.

An application opened port can get a probe on that open port and the OS has
to deal with it.
Not dealing with it correctly has been the cause of many problems in the
past and probably will in the future.
It doesn't have to be a server to cause a problem, you could attack a client
port if you knew/thought it would be running. They are just harder to find
and you don't know which application is there unless you can snoop the
connection.
Any malformed (eg. not in the current connection) should be silently
discarded.

HTH.

On Sun, 13 Apr 2008 23:29:27 -0500, nowshining wrote:

> Well, the blocked ports/stealthed ports are mostly from ur ISP
> blocking them at their end.

Not hardly. For proof. install wireshark, get it started for your
Internet nic, and run the port scan again. You will see the scan
attempts on those ports proving ISP is not blocking the ports.

don wrote:

> Sarah D. wrote:
>> Does Kubuntu have a built-in firewall of some sort? I can completely
>> turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
>> it indicates that all my ports are closed except for a few that are
>> stealth.
>>
>> Sure would appreciate any insight into what's going on......

How is the PC connected to the net?

> Just a suggestion.
> I have firewall turned off.
> I rely on my Netgear ADSL broad band modem to protect my computer.
> Steve Gibson's ShieldsUp utility gives me stealth all the way,
> then complements that my box is so secure that it seems to be turned
> off. I am open to being advised of any weakness here.

http://lwn.net/Articles/253830/ :-)
(security issues on British Telecom ADSL router)
Not Netgear, but like with any device or computer with an operating
system it is unlikely that any dsl router will be 100% fault free. And
given the negligence shown by many companies regarding the default
settings of these boxes (default admin accounts or default
configuration as an open WLAN access point) I rather doubt that they
care about the security of their code the way they are supposed to.
So it might be a good idea to add a second barrier with a firewall on
the PC connected to the router. Installing firestarter and setting it
up for a simple network is fast and troublefree and might well be worth
the moderate effort.

Günther

Sarah D. wrote:
> Does Kubuntu have a built-in firewall of some sort? I can completely
> turn off Guarddog (IP Tables or IP Chains) and then go to GRC.com and
> it indicates that all my ports are closed except for a few that are
> stealth.
>
> Sure would appreciate any insight into what's going on......
>
Guarddog is not a firewall, it's just a firewall configuration utility.
What do you mean by "completely turn off guarddog"?

Guarddog DOES let you disable the firewall... did you try that?