Re: [Setup-tool-hackers] I thought I would check and see first...
- From: Luis Villa <louie ximian com>
- To: setup-tool-hackers ximian com
- Subject: Re: [Setup-tool-hackers] I thought I would check and see first...
- Date: 24 Jul 2001 16:41:14 -0400
You may want to take a look at Alan Cox's firewall tool. The name
completely escapes me, but it would probably be a good starting point.
Luis
On 24 Jul 2001 14:32:48 -0600, Burra wrote:
>
> Yes, I guess a firewall configurator makes more sense if xst is just for
> system configuration files. I could do this very easily... I can do rules
> to open up/block specific ports, allow trusted hosts, disallow untrusted
> hosts, block typicaly dos attacks and block port scans for iptables,
> ipchains, and ipf.
>
> We might put this under "Security" and tie in host.allow/hosts.deny
> configuration, PAM configuration, and other /etc based security config
> files.
>
> Thoughts?
>
> --------------------[-- burra@colorado.edu --]--------------------------
>
> On Tue, 24 Jul 2001, Mitch Allmond wrote:
>
> > what about a firewall configurator? Is this in the works? It would be great to
> > have a tool in xst that can configure iptable firewalls, and give the option
> > for it to be activated on boot or not. I'll do a little text example
> > below. The idea is to show each ethernet device, supply check boxes to block
> > or open that service/port to that device, to allow user input for specific
> > ports, and to allow masquerading.
> >
> > Eth0 Eth1
> > _ ssh _
> >
> > _ smtp _
> >
> > _ http _
> >
> > _ etc... _
> >
> > _ X11 _
> >
> > _ | insert port | _
> >
> > _ | insert port | _
> >
> > ---------------------------------------
> > _ masquerade virtual ips (default 192.168.0.0) manual _____________
> > _ close all ports/services not handled above
> >
> >
> > etc......... you get the point
> >
> > if there was
> >
> > Chema Celorio wrote:
> >
> > > On 23 Jul 2001 21:15:27 -0600, Burra wrote:
> > > >
> > > > Hi setup-tool hackers,
> > > > After successfully creating the basic componets of a setup tool, I am
> > > > about to (currently actually) impliment a "security-setup-tool". This
> > > > tool will check your file system, services, network, the list goes on...,
> > > > and offer fixes once it has encountered a security problem.
> > > >
> > > > I thought I would check and see first if someone is already impliemnting
> > > > this... Anyone? I guess I am looking for a blessing from everyone to go
> > > > ahead :)
> > >
> > > The idea sounds great, but i am not sure it belong inside XST. XST read
> > > system configuration and write system configuration. This security
> > > program sounds good but does not quite fit in the architecture.
> > >
> > > >
> > > > If no one is already doing this, I will post my code, once I get all
> > > > basic functions in place, for approval to add it to cvs, hopefully :)
> > > >
> > > > --------------------[-- burra@colorado.edu --]--------------------------
> > > >
> > > >
> > > > _______________________________________________
> > > > setup-tool-hackers maillist - setup-tool-hackers@ximian.com
> > > > http://lists.ximian.com/mailman/listinfo/setup-tool-hackers
> > > >
> > >
> > > _______________________________________________
> > > setup-tool-hackers maillist - setup-tool-hackers@ximian.com
> > > http://lists.ximian.com/mailman/listinfo/setup-tool-hackers
> >
>
>
> _______________________________________________
> setup-tool-hackers maillist - setup-tool-hackers@ximian.com
> http://lists.ximian.com/mailman/listinfo/setup-tool-hackers
--
Luis Villa
Ximian Bugmaster
"Quality is an amazing bridge because it is universal in its language."
Thomas Corcoran
_______________________________________________
setup-tool-hackers maillist - setup-tool-hackers@ximian.com
http://lists.ximian.com/mailman/listinfo/setup-tool-hackers
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
