Re: Cable Internet  (Major.Mikey,  Fri Feb 3 06:14:26 2006) On Thursday 02 February 2006 06:42 pm, Major.Mikey wrote: > Well, I have officially joined the modern agw; I got high speed > internet..... sort of. What do I have to do to open linux to using it. > Along the same lines what do I need to do to secure it? > > Unsure of what to do. > Bye. > > Thank you for any assistance you are willing to give. On Thursday 02 February 2006 10:09 pm, you wrote: > Assuming you meant age rather than agw... Linux treats a cable modem like > any other type of routing point. DHCP should get you what you need, and > everything should magically work. Yeah, that is what I expected; yet, it just sits there and Ihave to communicate via dial-up.... unless I need to set DHCP up. Is that what I need to do? If you could tell me how it would be very beneficial seeing as how I work as a cox cable guy (contractor) and nobody in our shop knows how to set it up in Linux. My boss (who was setting it up for me) verified that it is working with his laptop (XP). > > As for securing it, be sure to run iptables with all incoming ports locked > down by default, allowing only established traffic, would be the way to go. > One possible extremely basic ruleset would be: > > iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > iptables -A INPUT -j DROP > > though you'd probably want to make at least a few more elaborate allowments > than that. > Well, this is the iptables I currently have. It seems that your appended rules are already in there. Well, just to make sure I'll run the command anyways. If you have  the time could you look at my iptable. I was wondering, how would I set it up to filter out the advertisements? By the way, what do the two iptable rules I just added, upon recomendation, do? (iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT) (iptables -A INPUT -j DROP) bmike1@1[bmike1]$ sudo iptables -L Chain INPUT (policy DROP) target     prot opt source               destination ACCEPT     all  --  anywhere             anywhere ACCEPT     udp  --  anywhere             anywhere            udp spt:bootps dpt:bootpc ACCEPT     all  --  10.10.10.2           10.255.255.255 logaborted  tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED tcp flags:RST/RST ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded ACCEPT     icmp --  anywhere             anywhere            icmp parameter-problem nicfilt    all  --  anywhere             anywhere srcfilt    all  --  anywhere             anywhere Chain FORWARD (policy DROP) target     prot opt source               destination ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded ACCEPT     icmp --  anywhere             anywhere            icmp parameter-problem srcfilt    all  --  anywhere             anywhere Chain OUTPUT (policy DROP) target     prot opt source               destination ACCEPT     all  --  anywhere             anywhere ACCEPT     udp  --  anywhere             anywhere            udp spt:bootpc dpt:bootps ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded ACCEPT     icmp --  anywhere             anywhere            icmp parameter-problem s1         all  --  anywhere             anywhere Chain f0to1 (4 references) target     prot opt source               destination ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpt:ipp state NEW ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:netbios-ns state NEW ACCEPT     udp  --  anywhere             anywhere            udp spts:1024:65535 dpt:netbios-ns ACCEPT     udp  --  anywhere             anywhere            udp spt:netbios-ns dpt:netbios-ns ACCEPT     udp  --  anywhere             anywhere            udp spts:1024:65535 dpt:netbios-dgm ACCEPT     udp  --  anywhere             anywhere            udp spt:netbios-dgm dpt:netbios-dgm ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:netbios-ssn state NEW ACCEPT     udp  --  anywhere             anywhere            udp spts:1024:65535 dpt:netbios-ssn ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:microsoft-ds state NEW ACCEPT     icmp --  anywhere             anywhere            icmp source-quench ACCEPT     udp  --  anywhere             anywhere            udp dpts:6970:7170 ACCEPT     udp  --  anywhere             anywhere            udp spt:netbios-ns dpts:1024:5999 ACCEPT     udp  --  anywhere             anywhere            udp spt:netbios-ns dpt:netbios-ns ACCEPT     udp  --  anywhere             anywhere            udp spt:netbios-dgm dpt:netbios-dgm ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpts:1024:65535 state NEW DROP       icmp --  anywhere             anywhere            icmp echo-reply logdrop    all  --  anywhere             anywhere Chain f0to2 (1 references) target     prot opt source               destination logdrop    all  --  anywhere             anywhere Chain f0to3 (0 references) target     prot opt source               destination logdrop    all  --  anywhere             anywhere Chain f1to0 (1 references) target     prot opt source               destination ACCEPT     udp  --  anywhere             anywhere            udp spt:netbios-ns dpts:1024:65535 ACCEPT     udp  --  anywhere             anywhere            udp spt:netbios-ns dpt:netbios-ns ACCEPT     udp  --  anywhere             anywhere            udp spt:netbios-dgm dpt:netbios-dgm ACCEPT     icmp --  anywhere             anywhere            icmp redirect ACCEPT     udp  --  anywhere             anywhere            udp dpt:32816 ACCEPT     udp  --  anywhere             anywhere            udp dpt:3478 ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:jabber-client state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:5223 state NEW ACCEPT     udp  --  anywhere             anywhere            udp dpt:ntp ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:ntp state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:3030 state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:https state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:554 state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:7070 state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:postgresql state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:netbios-ns state NEW ACCEPT     udp  --  anywhere             anywhere            udp spts:1024:5999 dpt:netbios-ns ACCEPT     udp  --  anywhere             anywhere            udp spt:netbios-ns dpt:netbios-ns ACCEPT     udp  --  anywhere             anywhere            udp spts:1024:5999 dpt:netbios-dgm ACCEPT     udp  --  anywhere             anywhere            udp spt:netbios-dgm dpt:netbios-dgm ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:netbios-ssn state NEW ACCEPT     udp  --  anywhere             anywhere            udp spts:1024:5999 dpt:netbios-ssn ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:mysql state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8765 state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:1863 state NEW ACCEPT     udp  --  anywhere             anywhere            udp dpt:4000 ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpts:1024:65535 state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:6346 state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:dict state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:pop3 state NEW ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:rsync state NEW ACCEPT     icmp --  anywhere             anywhere            icmp source-quench ACCEPT     udp  --  anywhere             anywhere            udp dpt:5060 ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:ftp state NEW ACCEPT     udp  --  anywhere             anywhere            udp spts:1024:5999 dpt:time ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:time state NEW ACCEPT     udp  --  anywhere             anywhere            udp dpts:33434:33600 ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:pop3s state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain state NEW ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:imaps state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:www state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:webcache state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:8008 state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:8000 state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:8888 state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:11999 state NEW ACCEPT     udp  --  anywhere             anywhere            udp dpt:5061 ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:5050 state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:telnet state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpts:5000:5001 state NEW ACCEPT     udp  --  anywhere             anywhere            udp spts:1024:5999 dpt:5000 ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:smtp state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpts:5190:5193 state NEW ACCEPT     udp  --  anywhere             anywhere            udp spts:1024:5999 dpts:5190:5193 ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpts:6660:6669 state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:pop2 state NEW ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:nntp state NEW DROP       icmp --  anywhere             anywhere            icmp echo-request REJECT     tcp  --  anywhere             anywhere            tcp spts:1024:5999 dpt:whois state NEW reject-with tcp-reset REJECT     udp  --  anywhere             anywhere            udp dpt:43 reject-with icmp-port-unreachable logdrop    all  --  anywhere             anywhere Chain f1to2 (1 references) target     prot opt source               destination logdrop    all  --  anywhere             anywhere Chain f1to3 (0 references) target     prot opt source               destination logdrop    all  --  anywhere             anywhere Chain f2to0 (1 references) target     prot opt source               destination logdrop    all  --  anywhere             anywhere Chain f2to1 (4 references) target     prot opt source               destination logdrop    all  --  anywhere             anywhere Chain f2to3 (0 references) target     prot opt source               destination logdrop    all  --  anywhere             anywhere Chain f3to0 (1 references) target     prot opt source               destination logdrop    all  --  anywhere             anywhere Chain f3to1 (4 references) target     prot opt source               destination logdrop    all  --  anywhere             anywhere Chain f3to2 (1 references) target     prot opt source               destination logdrop    all  --  anywhere             anywhere Chain logaborted (1 references) target     prot opt source               destination logaborted2  all  --  anywhere             anywhere            limit: avg 1/sec burst 10 LOG        all  --  anywhere             anywhere            limit: avg 1/min burst 1 LOG level warning prefix `LIMITED ' Chain logaborted2 (1 references) target     prot opt source               destination LOG        all  --  anywhere             anywhere            LOG level warning tcp-sequence tcp-options ip-options prefix`ABORTED ' ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED Chain logdrop (14 references) target     prot opt source               destination logdrop2   all  --  anywhere             anywhere Chain logdrop2 (1 references) target     prot opt source               destination DROP       all  --  anywhere             anywhere Chain logreject (0 references) target     prot opt source               destination logreject2  all  --  anywhere             anywhere Chain logreject2 (1 references) target     prot opt source               destination REJECT     tcp  --  anywhere             anywhere            reject-with tcp-reset REJECT     udp  --  anywhere             anywhere            reject-with icmp-port-unreachable DROP       all  --  anywhere             anywhere Chain nicfilt (1 references) target     prot opt source               destination RETURN     all  --  anywhere             anywhere RETURN     all  --  anywhere             anywhere RETURN     all  --  anywhere             anywhere RETURN     all  --  anywhere             anywhere logdrop    all  --  anywhere             anywhere Chain s0 (1 references) target     prot opt source               destination f0to1      all  --  anywhere             10.10.10.2 f0to1      all  --  anywhere             10.255.255.255 f0to1      all  --  anywhere             mepis1 f0to1      all  --  anywhere             dialup-4.240.192.207.Dial1.Phoenix1.Level3.net f0to2      all  --  anywhere             10.0.0.0/8 logdrop    all  --  anywhere             anywhere Chain s1 (1 references) target     prot opt source               destination f1to2      all  --  anywhere             10.0.0.0/8 f1to0      all  --  anywhere             anywhere Chain s2 (1 references) target     prot opt source               destination f2to1      all  --  anywhere             10.10.10.2 f2to1      all  --  anywhere             10.255.255.255 f2to1      all  --  anywhere             mepis1 f2to1      all  --  anywhere             dialup-4.240.192.207.Dial1.Phoenix1.Level3.net f2to0      all  --  anywhere             anywhere Chain s3 (0 references) target     prot opt source               destination f3to1      all  --  anywhere             10.10.10.2 f3to1      all  --  anywhere             10.255.255.255 f3to1      all  --  anywhere             mepis1 f3to1      all  --  anywhere             dialup-4.240.192.207.Dial1.Phoenix1.Level3.net f3to2      all  --  anywhere             10.0.0.0/8 f3to0      all  --  anywhere             anywhere Chain srcfilt (2 references) target     prot opt source               destination s2         all  --  10.0.0.0/8           anywhere s0         all  --  anywhere             anywhereOn Thursday 02 February 2006 10:09 pm, you wrote: > Assuming you meant age rather than agw... Linux treats a cable modem like > any other type of routing point. DHCP should get you what you need, and > everything should magically work. > > As for securing it, be sure to run iptables with all incoming ports locked > down by default, allowing only established traffic, would be the way to go. > One possible extremely basic ruleset would be: > > iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > iptables -A INPUT -j DROP > > though you'd probably want to make at least a few more elaborate allowments > than that. > > -- Eric > > On 2/2/06, Major.Mikey wrote: > > Well, I have officially joined the modern agw; I got high speed > > internet..... > > sort of. What do I have to do to open linux to using it. Along the same > > lines > > what do I need to do to secure it? > > > > Unsure of what to do. > > Bye. > > > > Thank you for any assistance you are willing to give. --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss