So how do I block a port in IPCop? I've gone to the firewall tab where I can
forward ports or configure external access, but I haven't found any
instructions on how to effectively block a port. Do I have to get to IPCop's
root shell and manually edit a .conf file or something?
Thanks for any help,
Steven
- -----Original Message-----
From:
plug-discuss-admin@lists.plug.phoenix.az.us
[
mailto:plug-discuss-admin@lists.plug.phoenix.az.us]On Behalf Of Craig
White
Sent: Monday, May 02, 2005 10:47 AM
To:
plug-discuss@lists.plug.phoenix.az.us
Subject: Re: IPCop v1.4.5 Configuration
On Sun, 2005-05-01 at 20:42 -0700, Wagner, Steven G wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I just got my IPCop up this morning, but I'm not sure how to disable ping
> requests. Does anyone know offhand how to do this?
>
> Also, any other suggestions in regards to securing IPCop would be greatly
> appreciated as I am new to IPCop and networking in general.
>
> My Network=
>
> Net --> IPCop --> switch --> PIII/WindozeXP & Sempron/WindozeXP.
>
> At www.grc.com ShieldsUp!'s port scan revealed that my port 113 was
> responding, but the connection was closed. I read a bit about port 113 and
> decided to redirect any requests to that port to another unusable IP. Now
> all ports show stealth mode.
>
> TIA for any help, this group is great! I'm eagerly anticipating the day
when
> I know enough to give more than I take in here!
- ----
ipcop by design has already taken care of security issues if you respect
the red/green/orange interface concept...
red - internet/insecure
orange - dmz - internet/insecure
green - your lan / secure
port 113 is identd port and has traditionally been left open so systems
can identify your existence. Redirecting to an unusable ip makes little
sense - better to simply reject port 113.
want more info?
<
http://www.iss.net/security_center/advice/Reference/Networking/Misc/IDENT/d
efault.htm>
Craig
- ---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
- --
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.11.1 - Release Date: 5/2/2005
- --
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.11.1 - Release Date: 5/2/2005
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss