[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] suse-security list



Hi,

ic!

Looks like i am going to experiment a bit with my server tonight ;)))

Thanks for the info! Could come in very handy for me ;) This way I can also
protect my Win"blows" Unreal server (in the LAN) a bit more from sending out
sh*tty stuff when infected with a virus of some sort .. Off course I take my
precautions, but some extra security is always welcome ;)

Thanks again

Regards

Chris
----- Original Message -----
From: "Andreas J Mueller" <andy@xxxxxxxxxx>
To: <suse-security@xxxxxxxx>
Sent: Thursday, October 24, 2002 6:46 PM
Subject: Re: [suse-security] suse-security list


> -----BEGIN PGP SIGNED MESSAGE-----
>
> Hi Chris!
>
> > What you should definitly do is open port 5678 on FW_SERVICES_EXT_TCP,
> > otherwise the firewall won't allow clients to connect. And you can get
rid
> > of port 80 on EXT because you use the other port for it.
>
> > FW_SERVICES_EXT_TCP="25 53 5678"
>
> That's not necessary for SuSE-FW2 (at least in 8.0), because the
> forwarding code will create the needed ACCEPT rules independently of
> the settings in FW_SERVICES_EXT_TCP.  However, if the destination host
> is itself not masqueraded, e.g., not listed in FW_MASQ_NETS, the reply
> packets won't get back through the firewall.  I found that out while
> setting up a Windows web server that should only accept incoming
> connections on port 80 and have no other Internet access.
>
> Regards, Andy
>
> - --
> Andreas J. Mueller                            email: <andy@xxxxxxxxxx>
> PGP RSA Public Key ID 0x3D41D941 FP: ED261973D51D3D20 C840B0542E69F602
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.0 (MingW32)
>
> iQC9AwUBPbgj8PobN5o9QdlBAQES7AU/XglTmJHdo+Ca8v0hzsD8cUsIuc/3nEBI
> 9RJJgaA6JCqxg3d8ONxgxwA4sSJ9tzYzNBboCQDvFtWNo2ABFfPnW0h6+0lyD9F+
> ZkZ5a97jXZMM8b85XVkeezxI9JFXABrf6TEYdO2stkF+gknvc4LGZ6mcrrGYgTwo
> UO1EarVvV28uk2cyZa8G6X21NR8vPHTAogK4OqWBfexnzWjTaxXNzyY+94fHHNpA
> =2Oq3
> -----END PGP SIGNATURE-----
>
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
>


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here