[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: [rhn-users] Firewalls and Antivirus software
- From: nick fita org
- To: rhn-users redhat com
- Subject: Re: [rhn-users] Firewalls and Antivirus software
- Date: Tue, 30 Sep 2003 20:46:40 -0400
Dag, Less, take it as a compliment!
Cool tip. I'll have to try it.
I think to get full i.e. new iptables functionality (e.g. string), you have to
download the latest source and remake it. (I'm too lazy and the modules you
mention should do the trick .... mostly.) I suspect RH is behind by a few releases.
Yrs,
Nick
Quoting Les Bell <lesbell lesbell com au>:
>
> nick fita org wrote:
>
> >>
> BTW, for some expert tips, our own Les Bell has written "Connecting a Small
> LAN
> to the Internet with a Linux Firewall" at
> www.lesbell.com.au/Home.nsf/security.
> <<
>
> Cor, no-one's ever called me that before! That was a short article for "PC
> User" magazine; somewhere I have some additional info which could really
> form a second article; it deals with "souping up" the iptables service and
> Lokkit provided by RH. For example, since /etc/sysconfig/iptables isn't a
> script, you can't put in modprobe commands to load some required modules.
> No problem; you can load them from within modules.conf, thusly:
>
> above ip_tables ip_conntrack_ftp ip_nat_ftp
>
> The "above" statement means that when the ip_tables module is loaded,
> ip_conntrack_ftp and ip_nat_ftp will automatically be loaded above it. This
> lets you push the basic RH firewall rules a little further. However, if you
> want to do more complex stuff, you'll come up against the limitations of
> /etc/sysconfig/iptables, and will probably have to move to a more
> conventional script.
>
> If I do write up a second article (and it won't be today), it will appear
> at http://www.lesbell.com.au/Home.nsf/Linux?OpenView. You can also find a
> short note on "Firewall Builder" there - that's my recommended GUI firewall
> script builder. There's also slides from a talk I gave to the Australian
> Computer Society NSW InfoSec SIG on "Building a Low-Cost Firewall with
> Linux" at http://www.lesbell.com.au/slides/linuxfw/linuxfw-.htm
>
> I second your comments on Bob Toxen's stuff - I picked up his "Real World
> Linux Security" recently and have been enjoying dipping into it as time
> permits.
>
> Best,
>
> --- Les Bell, RHCE, CISSP
> [http://www.lesbell.com.au]
>
>
>
> _______________________________________________
> rhn-users mailing list
> rhn-users redhat com
> https://www.redhat.com/mailman/listinfo/rhn-users
>
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]