[SLUG] packet filtering using ipchains

From: Travis Walls (twalls@tampabay.rr.com)
Date: Tue Jul 24 2001 - 20:25:52 EDT


Hi all,

I am trying to secure my Linux box by setting up some essential but
powerful packet filtering rules using ipchains. I chose ipchains over
iptables simply because it seems that Red Hat 7.1 likes using ipchains by
default (as it loads the settings for ipchains during boot by default).
Plus, they are very similar in nature.

Here is what I would like to do:

Deny everything at first.
Allow programs that I need to use access to the internet.
Allow services to contact the internet that are required by the system.

In other words:

My system will appear to not even exist when doing basic probing.
I will be able to browse the web (without common ads), talk on IRC/AOL
IM/ICQ, play against others online with Quake 3 Arena, read e-mail/news,
and connect to my remote FTP server.
ICMP services like destination unreachable, source quench, time
exceeded, and parameter problem will be allowed, but ping and pong
services will just be denied.

Here is my current network setup:

RedHat 7.1 box filtered using ipchains <-> Road Runner <-> Internet

Note that I have only two interfaces in my box: eth0 and lo. Thus, I have
no need for forwarding, proxying, masquerading, etc. All I want is a
good filtering system. I tried to look up information on this topic, but
(annoyingly) everyone assumes I have some sort of LAN setup and I have a
separate box set up as a firewall and nothing else, or that I have a
dialup and that I also have an internal network. No one seems to cover how
to set up a single-user machine to protect themselves on the internet. If
anyone could please help, I would appreciate it.

Thanks,
Travis

BTW, where did the irc channel go? I left for a little while, then came
back, looked and found it had disappeared...
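
A default-deny ipchains ruleset for the single-host policy described in the message above, added here as an example; it is not part of the original post or of any reply on the list. It assumes outbound traffic is left unrestricted, DNS replies arrive from UDP port 53, Quake 3 servers answer from UDP port 27960, and FTP is used in passive mode.

```shell
#!/bin/sh
# Added example: default-deny ipchains rules for a single host (eth0 + lo).
# Prints the commands for review; apply as root with:  sh rules.sh | sh
# Assumptions (not from the post): outbound traffic is left unrestricted,
# DNS replies come from UDP port 53, Quake 3 servers use UDP port 27960,
# and FTP is used in passive mode.

EXT_IF="eth0"
HIGH="1024:65535"      # unprivileged ports used by local client programs

build_rules() {
    # Start clean, then drop anything not explicitly accepted. DENY
    # discards silently; REJECT would answer with an ICMP error.
    echo "ipchains -F input"
    echo "ipchains -F output"
    echo "ipchains -F forward"
    echo "ipchains -P input DENY"
    echo "ipchains -P forward DENY"
    echo "ipchains -P output ACCEPT"

    # Local processes talk to each other over loopback.
    echo "ipchains -A input -i lo -j ACCEPT"

    # ipchains is stateless: accept TCP segments that are not connection
    # attempts (no lone SYN), i.e. replies to connections opened locally.
    echo "ipchains -A input -i $EXT_IF -p tcp ! -y -d 0/0 $HIGH -j ACCEPT"

    # UDP has no SYN flag, so replies are matched by source port.
    for sport in 53 27960; do
        echo "ipchains -A input -i $EXT_IF -p udp -s 0/0 $sport -d 0/0 $HIGH -j ACCEPT"
    done

    # ICMP error messages named in the post; echo-request and echo-reply
    # are not listed, so they fall through to the DENY policy.
    for t in destination-unreachable source-quench time-exceeded parameter-problem; do
        echo "ipchains -A input -i $EXT_IF -p icmp --icmp-type $t -j ACCEPT"
    done

    # Log whatever is about to be dropped (-l writes to the kernel log).
    echo "ipchains -A input -i $EXT_IF -l -j DENY"
}

build_rules
```

Because the TCP rule keys only on the SYN flag, unsolicited non-SYN segments to high ports are also accepted; that is a limit of stateless filtering in ipchains, not of this particular ruleset.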


