[LBo] HIDS
Robin
robinlinux47 at gmail.com
Wed Nov 21 03:53:12 CET 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> If your Laptop is a Linux OS I would install IPATBLES and use the following
> rule set. Copy to a file, make it executable and run one time this will
> create a firewall rule set that allows everything out and nothing in that you
> have not started. It will save the firewall configuration which should be
> started every time you reboot.
>
> -------- Start --------
> #/bin/bash
> /sbin/iptables -F
> /sbin/iptables -Z
> /sbin/iptables -X
> /sbin/iptables -P INPUT DROP
> /sbin/iptables -P OUTPUT DROP
> /sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> /sbin/iptables -A INPUT -j DROP
> /sbin/iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> /sbin/iptables -A OUTPUT -m state --state NEW -j ACCEPT
> /sbin/iptables -save
> -------- End --------
>
> You can check your rules with the following;
>
> /sbin/iptables -L -v -n | less -SCi
>
> Look at your startup rc#.d to ensure that the firewall is started before the
> LAN interface is started.
>
>
Thank you Roberts
Ok i tried running that command /sbin/iptables -L -v | less -SCi and it
was empty, and i also check rc.d and yes, i have two calls of
SuSEfirewall2_init
SuSEfirewall2_setup
at boot time.i have add it here maybe u can help me edit it.
robin:/etc/rc.d # cat SuSEfirewall2_setup
#! /bin/sh
# Copyright (c) 2000-2002 SuSE GmbH Nuernberg, Germany.
#
# Author: Marc Heuse <marc at suse.de>
#
# /etc/init.d/SuSEfirewall2_setup
#
### BEGIN INIT INFO
# Provides: SuSEfirewall2_setup
# Required-Start: SuSEfirewall2_init $network $local_fs
# Should-Start: $ALL
# Required-Stop: $local_fs
# X-UnitedLinux-Should-Stop:
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
# Short-Description: SuSEfirewall2 phase 2
# Description: SuSEfirewall2_setup does some basic setup and is the
# phase 2 of 2 of the SuSEfirewall initialization.
### END INIT INFO
# X-SuSE-Dep-Only
SUSEFWALL="/sbin/SuSEfirewall2"
test -x $SUSEFWALL || exit 5
bootlinkisset()
{
local l
l=`/sbin/runlevel | (read A B && echo $A)`
test -e /etc/init.d/rc$l.d/S??SuSEfirewall2_setup
}
. /etc/rc.status
rc_reset
case "$1" in
start)
echo -n "Starting Firewall Initialization "
echo -n '(phase 2 of 2) '
$SUSEFWALL -q --bootunlock start
rc_status -v
;;
stop)
echo -n "Shutting down the Firewall "
if [ -z "$REDIRECT" ]; then
$SUSEFWALL -q stop
rc_status -v
else
rc_status -s
fi
;;
restart|force-reload)
$0 start
;;
try-restart|reload)
if ($0 status) >/dev/null 2>&1; then
$0 start
else
rc_reset
fi
;;
long-status)
echo "Checking the status of SuSEfirewall2 "
if ! $SUSEFWALL status; then
rc_failed 3
fi
;;
status)
echo -n "Checking the status of SuSEfirewall2 "
iptables -nL reject_func >/dev/null 2>&1 || rc_failed 3
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|status|restart|reload|force-reload}"
exit 1
;;
esac
# Set exit status
rc_exit
robin:/etc/rc.d # cat SuSEfirewall2_init
#! /bin/sh
# Copyright (c) 2000-2002 SuSE GmbH Nuernberg, Germany.
#
# Author: Marc Heuse <marc at suse.de>
#
# /etc/init.d/SuSEfirewall2_init
#
### BEGIN INIT INFO
# Provides: SuSEfirewall2_init
# Required-Start: $local_fs
# Required-Stop:
# Default-Start: 3 4 5
# Default-Stop:
# Short-Description: SuSEfirewall2 phase 1
# Description: SuSEfirewall2_init does some basic setup and is the
# phase 1 of 2 of the SuSEfirewall initialization
### END INIT INFO
SUSEFWALL="/sbin/SuSEfirewall2"
BOOTLOCKFILE="/var/lock/SuSEfirewall2.booting"
test -x $SUSEFWALL || exit 5
test -r /etc/sysconfig/SuSEfirewall2 || exit 6
. /etc/rc.status
rc_reset
case "$1" in
start)
echo -n "Starting Firewall Initialization "
echo -n '(phase 1 of 2) '
$SUSEFWALL --bootlock -q close
rc_status -v
;;
stop)
rc_failed 0
rc_status
;;
restart|force-reload)
$0 start
;;
try-restart|reload)
if ($0 status) >/dev/null 2>&1; then
$0 start
else
rc_reset
fi
;;
status)
echo -n "Checking the status of SuSEfirewall2 "
iptables -nL reject_func >/dev/null 2>&1 || rc_failed 3
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|status|restart|reload|force-reload}"
exit 1
;;
esac
# Set exit status
rc_exit
robin:/etc/rc.d #
Thanx you very much,
One last think i almost forgot, i work for that some one and we work
together with this guy (who wand to hack my laptop), its my boss to
decide that he buy the router or no so that is y i can buy any hardware.
Thank you very much for your efforts guys
Robin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFHQ52YxCtCf553DNMRAj82AKCrSG/jPIEheZ1BH1Y3nxhrlPz5vQCfQQV3
BHrowGD9M4Yu+KVVZRyg7eU=
=ahVF
-----END PGP SIGNATURE-----
More information about the QnA
mailing list