Host-Based Firewall options

From: Todd McInerney (McInerneyT@WCSU.EDU)
Date: Sat Jul 19 2003 - 09:27:32 EDT


Hello, all.

I am configuring a new Tru64 5.1b host. Our organization has a policy
instructing us to use firewall options on each host as an extra measure to
secure the host. (e.g. allow only incoming TCP port 22, deny all other TCP
and UDP ports). On Solaris, I can accomplish this with SunScreen; on Linux,
iptables/ipchains.

I tried using FireScreen (screend), but I cannot seem to get it to work. I
have made all of the kernel modifications and created the pseudo device.
But whatever rules I place in the configuration file do not work -- traffic
that should be denied is allowed to connect.

My questions are, is screend an appropriate solution for a host-based
firewall for a Tru64 system? If so, how should the rules be written to
accomplish the above example (i.e. deny everything except TCP 22)?

Regards,
Todd


