I'm getting this error message:

Cyberclops Cyberclops at hawaii.rr.com
Wed Apr 11 10:59:20 PDT 2001 

As for disabling unneeded services, I'm not sure what are unneeded, or
where to do it.  I think the SuSE firewall is most likely doing it's
job, but again, I'm uncertain how to let programs that I want pass
through.

Warren Togami wrote:
> 
> Please understand that you probably shouldn't use that firewall script.  You
> are confusing this the need of this script with the misguided notion from
> Windows that you need a "personal firewall" like Zonealarm, Zonefree or
> BlackIce Defender.  Windows may need these products because they have no
> facilities on their own for route security.
> 
> What I highly suggest this instead:
> 1. Disable all unneeded services.  ntp is ok to keep, but only if you know
> how to secure it.  Your "firewall" rules are somehow interfering with some
> reply packets.
> 2. Have someone nmap you from the outside to make sure you have your ports
> secure.  Do this every couple weeks.
> 3. At this point, if you are still paranoid, then you can close or filter
> ports using ipchains or iptables.  Not very necessary but doable.
> 
> Your script has all kinds of stuff within it to handle routing between one
> interface to another.  That could possibly confusing your other efforts.
> 
> ----- Original Message -----
> From: "Cyberclops" <Cyberclops at hawaii.rr.com>
> To: "Linux & Unix Advocates & Users" <luau at list.luau.hi.net>
> Sent: Monday, April 09, 2001 7:02 AM
> Subject: [luau] I'm getting this error message:
> 
> > After I enable my SuSE 7.1 firewall configuration, I get the following
> > message"
> >
> > >>>>Apr  9 06:17:45 a24b161n139client142 ntpdate[483]: no server suitable
> for synchronization found<<<<<
> >
> > But if the firewall is not actuated I get this:
> >
> > >>>>Apr  8 12:55:27 a24b161n139client142 ntpdate[308]: step time server
> 128.2.191.71 offset 0.255133 sec<<<<<
> >
> > I have a time fetish and like the clock on my computer to be perfectly
> > synchronized to and Internet time standard.  Can anyone tell me how to
> > get this signal to pass through the SuSE 7.1 firewall?  Note: it uses
> > the 2.4 kernel.
> >
> > With the firewall activated I'm reported as "totally stealth" at the
> > "Shields Up" web site.  That's something I like:  Here is the log
> > entries from the "Shields Up" probe:
> >
> > Apr  9 06:24:28 a24b161n139client142 kernel: Packet log: output DENY
> > eth0 PROTO=1 24.161.139.142:3 24.25.227.34:3 L=203 S=0xC0 I=0 F=0x4000
> > T=255 (#3)
> > Apr  9 06:24:35 a24b161n139client142 kernel: Packet log: output DENY
> > eth0 PROTO=1 24.161.139.142:3 24.25.227.34:3 L=442 S=0xC0 I=0 F=0x4000
> > T=255 (#3)
> > Apr  9 06:30:50 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4022 24.161.139.142:21 L=48 S=0x00 I=52344
> > F=0x4000 T=113 SYN (#12)
> > Apr  9 06:30:53 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4022 24.161.139.142:21 L=48 S=0x00 I=53116
> > F=0x4000 T=113 SYN (#12)
> > Apr  9 06:31:00 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4022 24.161.139.142:21 L=48 S=0x00 I=54885
> > F=0x4000 T=113 SYN (#12)
> > Apr  9 06:31:13 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4108 24.161.139.142:23 L=48 S=0x00 I=58353
> > F=0x4000 T=113 SYN (#16)
> > Apr  9 06:31:16 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4108 24.161.139.142:23 L=48 S=0x00 I=59358
> > F=0x4000 T=113 SYN (#16)
> > Apr  9 06:31:23 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4108 24.161.139.142:23 L=48 S=0x00 I=60730
> > F=0x4000 T=113 SYN (#16)
> > Apr  9 06:31:59 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4267 24.161.139.142:79 L=48 S=0x00 I=3289 F=0x4000
> > T=113 SYN (#20)
> > Apr  9 06:32:02 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4267 24.161.139.142:79 L=48 S=0x00 I=4139 F=0x4000
> > T=113 SYN (#20)
> > Apr  9 06:32:09 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4267 24.161.139.142:79 L=48 S=0x00 I=5581 F=0x4000
> > T=113 SYN (#20)
> > Apr  9 06:32:45 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4382 24.161.139.142:110 L=48 S=0x00 I=13162
> > F=0x4000 T=113 SYN (#22)
> > Apr  9 06:32:48 a24b161n139client142 kernel: Packet log: input DENY eth0
> > PROTO=6 207.71.92.221:4382 24.161.139.142:110 L=48 S=0x00 I=13806
> > F=0x4000 T=113 SYN (#22)
> >
> > ---
> > You are currently subscribed to luau as: warren at togami.com
> > To unsubscribe send a blank email to $subst('Email.Unsub')
> >
> >
> >
> 
> ---
> You are currently subscribed to luau as: Cyberclops at hawaii.rr.com
> To unsubscribe send a blank email to $subst('Email.Unsub')

More information about the LUAU mailing list