I'm getting this error message:

Cyberclops Cyberclops at hawaii.rr.com
Wed Apr 11 10:50:58 PDT 2001


Well, I like being secure and in fact it takes precedence over the clock
calibration.  I don't think passing the time signal through the firewall
is something that's hard to achieve, it's just my lack of understanding
of how to do it and what some of the terminology means or does.  By the way
I downloaded a SuSE security patch for "ntpd" which I believe is the
program I'm concerned with.  I would have liked to have seen the demonstration
you were about to give at the YMCA install fest, before it got shut
down.

Warren Togami wrote:
> 
> Please understand that you probably shouldn't use that firewall script.  You
> are confusing the need of this script with the misguided notion from
> Windows that you need a "personal firewall" like Zonealarm, Zonefree or
> BlackIce Defender.  Windows may need these products because they have no
> facilities on their own for route security.
> 
> What I highly suggest instead:
> 1. Disable all unneeded services.  ntp is ok to keep, but only if you know
> how to secure it.  Your "firewall" rules are somehow interfering with some
> reply packets.
> 2. Have someone nmap you from the outside to make sure you have your ports
> secure.  Do this every couple weeks.
> 3. At this point, if you are still paranoid, then you can close or filter
> ports using ipchains or iptables.  Not very necessary but doable.
> 
> Your script has all kinds of stuff within it to handle routing between one
> interface to another.  That could possibly be confusing your other efforts.
> 
> ----- Original Message -----
> From: "Cyberclops" <Cyberclops at hawaii.rr.com>
> To: "Linux & Unix Advocates & Users" <luau at list.luau.hi.net>
> Sent: Monday, April 09, 2001 7:02 AM
> Subject: [luau] I'm getting this error message:
> 
> > After I enable my SuSE 7.1 firewall configuration, I get the following
> > message:
> >
> > >>>>Apr  9 06:17:45 a24b161n139client142 ntpdate[483]: no server suitable for synchronization found<<<<<
> >
> > But if the firewall is not actuated I get this:
> >
> > >>>>Apr  8 12:55:27 a24b161n139client142 ntpdate[308]: step time server 128.2.191.71 offset 0.255133 sec<<<<<
> >
> > I have a time fetish and like the clock on my computer to be perfectly
> > synchronized to an Internet time standard.  Can anyone tell me how to
> > get this signal to pass through the SuSE 7.1 firewall?  Note: it uses
> > the 2.4 kernel.
> >
> > With the firewall activated I'm reported as "totally stealth" at the
> > "Shields Up" web site.  That's something I like:  Here are the log
> > entries from the "Shields Up" probe:
> >
> > Apr  9 06:24:28 a24b161n139client142 kernel: Packet log: output DENY
> > eth0 PROTO=1 24.161.139.142:3 24.25.227.34:3 L=203 S=0xC0 I=0 F=0x4000
> > T=255 (#3)
> > Apr  9 06:24:35 a24b161n139client142 kernel: Packet log: output DENY
> > eth0 PROTO=1 24.161.139.142:3 24.25.227.34:3 L=442 S=0xC0 I=0 F=0x4000
> > T=255 (#3)
> > Apr  9 06:30:50 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4022 24.161.139.142:21 L=48 S=0x00 I=52344
> > F=0x4000 T=113 SYN (#12)
> > Apr  9 06:30:53 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4022 24.161.139.142:21 L=48 S=0x00 I=53116
> > F=0x4000 T=113 SYN (#12)
> > Apr  9 06:31:00 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4022 24.161.139.142:21 L=48 S=0x00 I=54885
> > F=0x4000 T=113 SYN (#12)
> > Apr  9 06:31:13 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4108 24.161.139.142:23 L=48 S=0x00 I=58353
> > F=0x4000 T=113 SYN (#16)
> > Apr  9 06:31:16 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4108 24.161.139.142:23 L=48 S=0x00 I=59358
> > F=0x4000 T=113 SYN (#16)
> > Apr  9 06:31:23 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4108 24.161.139.142:23 L=48 S=0x00 I=60730
> > F=0x4000 T=113 SYN (#16)
> > Apr  9 06:31:59 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4267 24.161.139.142:79 L=48 S=0x00 I=3289 F=0x4000
> > T=113 SYN (#20)
> > Apr  9 06:32:02 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4267 24.161.139.142:79 L=48 S=0x00 I=4139 F=0x4000
> > T=113 SYN (#20)
> > Apr  9 06:32:09 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4267 24.161.139.142:79 L=48 S=0x00 I=5581 F=0x4000
> > T=113 SYN (#20)
> > Apr  9 06:32:45 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4382 24.161.139.142:110 L=48 S=0x00 I=13162
> > F=0x4000 T=113 SYN (#22)
> > Apr  9 06:32:48 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4382 24.161.139.142:110 L=48 S=0x00 I=13806
> > F=0x4000 T=113 SYN (#22)
> >
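As an added example (not part of the original thread): a small Python parser for the ipchains-style `Packet log:` lines quoted above. It tallies denied packets per chain, protocol/port and rule number, and picks out any denied UDP packet on port 123, the kind of entry that would show the firewall dropping NTP traffic. The last sample line is constructed for illustration; the thread's own log contains no NTP denial.

```python
import re
from collections import Counter

# Layout: chain ACTION iface PROTO=n src:port dst:port ... [SYN] (#rule)
LOG_RE = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<action>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) (?P<src>[\d.]+):(?P<sport>\d+) "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) .*?(?P<syn>SYN )?\(#(?P<rule>\d+)\)")
PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp"}
PREFIX = "a24b161n139client142 kernel: Packet log: "
SAMPLE = [  # first three are from the thread; the last one is constructed
    "Apr  9 06:24:28 " + PREFIX + "output DENY eth0 PROTO=1 24.161.139.142:3 "
    "24.25.227.34:3 L=203 S=0xC0 I=0 F=0x4000 T=255 (#3)",
    "Apr  9 06:30:50 " + PREFIX + "input DENY eth0 PROTO=6 207.71.92.221:4022 "
    "24.161.139.142:21 L=48 S=0x00 I=52344 F=0x4000 T=113 SYN (#12)",
    "Apr  9 06:31:13 " + PREFIX + "input DENY eth0 PROTO=6 207.71.92.221:4108 "
    "24.161.139.142:23 L=48 S=0x00 I=58353 F=0x4000 T=113 SYN (#16)",
    "Apr  9 06:17:45 " + PREFIX + "input DENY eth0 PROTO=17 128.2.191.71:123 "
    "24.161.139.142:123 L=76 S=0x00 I=0 F=0x0000 T=50 (#30)",  # constructed
]

def parse(line):
    """Return the fields of one packet-log line as a dict, or None."""
    m = LOG_RE.search(line)
    if not m:
        return None
    e = m.groupdict()
    for key in ("proto", "sport", "dport", "rule"):
        e[key] = int(e[key])
    e["syn"] = bool(e["syn"])
    return e

def describe(e):
    # For ICMP, ipchains logs type and code in the two "port" positions.
    if e["proto"] == 1:
        return f"icmp type {e['sport']} code {e['dport']}"
    return f"{PROTO_NAMES.get(e['proto'], e['proto'])}/{e['dport']}"

def summarize(lines):
    """Count denied packets per (chain, protocol/port, rule number)."""
    denied = [e for e in map(parse, lines) if e and e["action"] == "DENY"]
    return Counter((e["chain"], describe(e), e["rule"]) for e in denied)

def ntp_denied(lines):
    """Denied UDP packets with port 123 on either side (NTP)."""
    return [e for e in map(parse, lines) if e and e["action"] == "DENY"
            and e["proto"] == 17 and 123 in (e["sport"], e["dport"])]

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).items():
        print(n, *key)
```

The rule number in each tuple is the `(#N)` position in the chain that matched, which is where to look when deciding what to permit.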


