
Thread: HOWTO: Set a custom firewall (iptables) and Tips [Beginners edition]

  1. #11
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Hi tud, do you think it would help those who follow the guide to have the loopback interface allowed in the script I gave?
    I didn't put it in the example because I thought that most of the users won't need it.

  2. #12
    Join Date
    Jul 2006
    Location
    Penang, Malaysia
    Beans
    64
    Distro
    Ubuntu 6.06

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    No, it doesn't work for the loopback code.

  3. #13
    Join Date
    Jul 2006
    Beans
    103

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Perform the stealth, UDP and TCP scans here:
    http://scan.sygate.com/
    All ports should be seen as blocked
    Your firewall script doesn't pass the stealth test of that site. Anyone can confirm this?

  4. #14
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Are you sure the firewall is running?
    Did you customise the example I gave?

    I have no problem with my script (a bit different from the example) and I pass all the tests on this site.
    BTW, what result did you get with the stealth scan?

  5. #15
    Join Date
    Jul 2006
    Beans
    103

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Yes, it's running. I only changed the interface (eth0) to ppp0. I didn't touch the rest.

    This site is not bad either: https://grc.com/x/ne.dll?bh0bkyd2
    That site sees all ports as STEALTH, but the Sygate scan only sees them as BLOCKED.

    Have you tested both sites with the actual firewall you posted (I mean not your own modified version)?

  6. #16
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    OK, on the Sygate site they use the term blocked for a port which is closed and stealth; it's explained at the top of the stealth scan page:


    So it's all good man 8), and of course I tested the example with the 2 sites and also with nmap.
    Last edited by frodon; July 27th, 2006 at 01:30 PM.

  7. #17
    Join Date
    Jul 2006
    Beans
    103

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Sorry, my mistake: in my previous post I meant CLOSED (not BLOCKED). It's too late over here.

    So the problem persists: somehow the scanner sees the port.

  8. #18
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Hum, there's something weird. I trust the Sygate site more than others, so if the Sygate scan returns the CLOSED status there's a problem somewhere.

    Just in case, post your firewall script, maybe there's a typo or a mistake somewhere.

  9. #19
    Join Date
    May 2006
    Beans
    97

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    Quote, originally posted by Roque:
    "Your firewall script doesn't pass the stealth test of that site. Anyone can confirm this?"

    I use this script too, without the DCC & aMule ports, and the results were:

    Shields Up scan: sees ports from 1023 - 1056 (scans only the first 1056 TCP ports) as closed and not blocked, which results in a failed test.

    Sygate quick scan: sees all the ports that it scans for trojans as closed, not blocked. All other tests (including stealth scan) pass.

  10. #20
    Join Date
    Jun 2005
    Location
    France
    Beans
    7,100
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO: Set a custom firewall (iptables) and Tips

    dolby, did you cut & paste from the forum or the UDSF guide?

    Just to be sure that the firewall is running, run this command: sudo /etc/init.d/firewall restart
    Then, to check that the rules are active, run: sudo iptables -L
    You should see a lot of rules.

    My own script is really similar to the example but with outgoing filtering, but even without outgoing filtering I pass all the tests; that's why there's something which seems weird to me.
    If you wish to see my own script, it is there:
    Last edited by frodon; July 27th, 2010 at 10:28 AM. Reason: obsolete link
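
Added example, not part of the thread and not frodon's script: a check that goes one step past "you should see a lot of rules" by reading the INPUT chain in `iptables -S` (rule-spec) format and reporting why a scanner would see CLOSED rather than STEALTH. The function name `audit_input`, the verdict labels and the sample dump are assumptions made for this illustration; the verdict is a heuristic over the INPUT chain only.

```shell
#!/bin/sh
# Usage on a live host: sudo iptables -S | audit_input ppp0
# Reads the dump on stdin and prints one summary line for the given WAN interface.
audit_input() {
    awk -v wan="$1" '
    $1 == "-P" && $2 == "INPUT" { policy = $3 }
    $1 == "-A" && $2 == "INPUT" {
        rules++
        iface = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-i") iface = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (iface == "lo" && target == "ACCEPT") lo = 1
        # A rule bound to another interface never matches WAN traffic.
        if (iface != "" && iface != "lo" && iface != wan) other++
        # REJECT sends a reply, so a scanner reports the port as closed.
        if (target == "REJECT" && (iface == "" || iface == wan)) reject++
        # An unconditional DROP rule acts like a DROP policy.
        if (target == "DROP" && NF == 4) catchall = 1
    }
    END {
        if (rules == 0 && policy != "DROP")    verdict = "not-loaded"
        else if (reject > 0)                   verdict = "closed"
        else if (policy == "DROP" || catchall) verdict = "stealth"
        else                                   verdict = "closed"
        printf "%s policy=%s rules=%d loopback=%s other_if=%d reject=%d\n",
               verdict, policy, rules, (lo ? "yes" : "no"), other, reject
    }'
}

# Constructed sample: one rule still bound to eth0 on a host that connects via ppp0.
sample_dump() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 4662 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 113 -j REJECT --reject-with tcp-reset
EOF
}

sample_dump | audit_input ppp0
```

A `not-loaded` verdict means the init script never installed the rules; `other_if` above zero points at rules that were not updated when the interface name was changed.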
