OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Bradley Hope (bradley_at_thorngarden.net)
Date: Sun Jan 12 2003 - 12:24:32 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Sorry, my bad. I'm running 8.1 with all applicable updates installed.

    If shorewall is recommended as a better option than Bastille, and compatible
    with 8.1, by all means I will follow your suggestion to change over to it.

    I am presently digging deeper into MSec right now learning what I can, and
    can't, do with it.

    Bradley

    ----- Original Message -----
    From: "Buchan Milne" <bgmilnecae.co.za>
    To: <discussmandrakesecure.net>
    Sent: Sunday, January 12, 2003 10:06 AM
    Subject: Re: [discuss] Security levels

    > On Sun, 12 Jan 2003, Bradley Hope wrote:
    >
    > > Finally ended up in Mandrake UserDocs and found I was asking about MSec,
    and
    > > found how to modify...not exactly what I was hoping for, but sometimes
    > > reality bites in the strangest places.
    >
    > The firewall (ie blocking ports) is done by the firewall tool (drakfw) in
    > 9.0, but you may want to configure shorewall by hand (quite easy).
    >
    > >
    > > At this point I think I have the box hardened about as well as it's
    going to
    > > be considering it is designed to be an internet server,
    > > web/ftp/irc/ssh/browser accessed imap/local pop3, etc.
    >
    >
    > >
    > > Guess I'll find out if I missed something when I get cracked, eh? ;>
    > >
    > > Thanks
    > > Bradley
    > >
    > >
    > > ----- Original Message -----
    > > From: "Bradley Hope" <bradleythorngarden.net>
    > > To: <discussmandrakesecure.net>
    > > Sent: Saturday, January 11, 2003 10:13 AM
    > > Subject: [discuss] Security levels
    > >
    > >
    > > > I'm running Bastille curses for a simple firewall, modified
    > > > /etc/Bastille/bastille-firewall.cfg to allow extra ports for
    additional
    > > > servers I'm running.
    > > >
    >
    > What distro is this, bastille is deprecated in favour of shorewall.
    >
    > > > My question is, when using Control Panel security and setting security
    > > level
    > > > to high, is there a config file I can modify to allow ports/services
    that
    > > > get blocked at that level, ie, pop3, ssh, etc?
    > > >
    >
    > Yuo can make custom levels, and edit the rules graphically in 9.0. For
    > example, you could edit on a desktop box, and then copy
    > /etc/security/msec/levels.local (IIRC) to the production box.
    >
    > Buchan
    >
    > --
    > |----------------Registered Linux User #182071-----------------|
    > Buchan Milne Mechanical Engineer, Network Manager
    > Cellphone * Work +27 82 472 2231 * +27 21 8828820x121
    > Stellenbosch Automotive Engineering http://www.cae.co.za
    > GPG Key http://ranger.dnsalias.com/bgmilne.asc
    > 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7