RedHat security

O'Neill, Donald (US - Deerfield) dooneill at deloitte.com
Wed Dec 15 20:53:52 UTC 2004


Larry, 

Why would you use iptables for internal servers? Iptables is a pain to
learn and maintain. You are going to have to set up specific rules for
DNS, HTTP, NTP, RHN and so on. Use tcp_wrappers; the hosts.allow/hosts.deny
files are a simpler context to learn.

If you ignore the above advice, the first place to start is netstat -a.
This will show the active connection state of the server. You'll need to
look for services that are in the 'WAIT' state. This usually indicates
that the service is having trouble communicating. 

These lines below will dump tcp connections into your /var/log/messages
file for review.

iptables -I INPUT -p TCP -j LOG
iptables -I OUTPUT -p TCP -j LOG


-----Original Message-----
From: redhat-list-bounces at redhat.com
[mailto:redhat-list-bounces at redhat.com] On Behalf Of Larry D Sorensen
Sent: Wednesday, December 15, 2004 1:48 PM
To: redhat-list at redhat.com
Subject: Re: RedHat security

Is there a good reference somewhere on how to add iptable rules for
someone who has never done it before?
(I am talking step-by-step)

Larry

On Wed, 15 Dec 2004 14:33:32 -0500 "Kenneth Goodwin"
<kgoodwin at datamarktech.com> writes:
> >  -----Original Message-----
> >  From: redhat-list-bounces at redhat.com
> >  [mailto:redhat-list-bounces at redhat.com] On Behalf Of Larry D Sorensen
> >  Sent: Wednesday, December 15, 2004 1:45 PM
> >  To: redhat-list at redhat.com
> >  Subject: Re: RedHat security
> >
> >
> >  Is there a way to tell which part of the iptables is causing the
> >  connection problem between the servers without turning the whole
> >  thing off?
> >
> >  Larry
> >  On Tue, 14 Dec 2004 09:21:47 -0600 "O'Neill, Donald (US - Deerfield)"
> >  <dooneill at deloitte.com> writes:
> >  > Your firewall is on. Type 'service iptables stop' to disable it.
> >  > Then to prevent it from starting on reboot, type:
> >  >
> >  > chkconfig --level 2345 iptables off
> >  >
> >  > -----Original Message-----
> >  > From: redhat-list-bounces at redhat.com
> >  > [mailto:redhat-list-bounces at redhat.com] On Behalf Of Larry D Sorensen
> >  > Sent: Tuesday, December 14, 2004 9:02 AM
> >  > To: redhat-list at redhat.com
> >  > Subject: Re: RedHat security
> >  >
> >  >
> >  > I recently installed RedHat Workstation 3 on 2 different servers
> >  > using medium security. Both boxes are internal, (so I question why I
> >  > used medium), but I am now having trouble with the 2 databases on
> >  > them talking. I believe it to be a security issue, but I am not sure.
> >  > What steps would I have to go through, short of reinstalling, to make
> >  > the security how it would be if it were low?
> >  >
> >  > Larry
> 
> 
> You probably just need to add in iptable rules on both servers
> to allow the other server to connect on the PORT number(s)
> that your database software is using.
> 
> 

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
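The thread gives the two halves of the fix separately: Kenneth's suggestion to add allow rules on both servers for the database port, and Donald's LOG rules for seeing what the firewall is handling. The shell snippet below is an added example, not code from any of the posters, that puts them together for one host: it prints the iptables commands for review instead of running them, and it parses the kernel LOG lines those rules write to /var/log/messages so the blocked port can be identified without stopping iptables. The hostnames, the addresses 10.0.0.1/10.0.0.2, the port 1521, the log prefix and the two log lines are all constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the thread). Emit the rules that let the peer database
# server in, plus a LOG rule for new TCP connections that were not accepted,
# and read the resulting LOG lines back to find the port being blocked.
# Addresses, port and log lines are constructed placeholders.

# Print the rules for one host. Both use -I so they land ahead of the reject
# rule that Red Hat's "medium" setup leaves at the end of the INPUT chain;
# the LOG rule is printed first so the ACCEPT inserted after it sits above it
# and accepted database traffic is not logged. Review, then apply with sh.
db_rules() {
    peer="$1"
    db_port="$2"
    echo "iptables -I INPUT -p tcp --syn -j LOG --log-prefix 'IPT-SYN: '"
    echo "iptables -I INPUT -p tcp -s $peer --dport $db_port -j ACCEPT"
}

# Read kernel LOG lines on stdin and print "SRC DPT" for each logged SYN,
# so a connection attempt the allow rule did not cover shows up by port.
syn_ports() {
    grep 'IPT-SYN:' | sed -n 's/.*SRC=\([0-9.]*\).*DPT=\([0-9]*\).*/\1 \2/p'
}

# Constructed sample of what the LOG target writes via syslog.
SAMPLE_LOG='Dec 15 20:53:52 db1 kernel: IPT-SYN: IN=eth0 OUT= SRC=10.0.0.2 DST=10.0.0.1 PROTO=TCP SPT=45012 DPT=1521 SYN
Dec 15 20:53:53 db1 kernel: IPT-SYN: IN=eth0 OUT= SRC=10.0.0.2 DST=10.0.0.1 PROTO=TCP SPT=45013 DPT=1521 SYN'

main() {
    echo "# rules for db1 (peer db2 = 10.0.0.2, database port 1521):"
    db_rules 10.0.0.2 1521
    echo "# SRC DPT pairs logged in the sample /var/log/messages lines:"
    printf '%s\n' "$SAMPLE_LOG" | syn_ports | sort -u
}

main
```

Run the same two commands on the other server with the addresses swapped. A port that appears in the parsed output but never reaches ESTABLISHED in `netstat -a` is the one the remaining rules are blocking; once the ACCEPT covers it, the LOG rule goes quiet for that peer and can be removed.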