Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Bradley Hope (bradley_at_thorngarden.net)
Date: Sun Jan 12 2003 - 12:24:32 CST
Sorry, my bad. I'm running 8.1 with all applicable updates installed.
If shorewall is recommended as a better option than Bastille, and compatible
with 8.1, by all means I will follow your suggestion to change over to it.
I am presently digging deeper into MSec right now learning what I can, and
can't, do with it.
----- Original Message -----
From: "Buchan Milne" <bgmilnecae.co.za>
Sent: Sunday, January 12, 2003 10:06 AM
Subject: Re: [discuss] Security levels
> On Sun, 12 Jan 2003, Bradley Hope wrote:
> > Finally ended up in Mandrake UserDocs and found I was asking about MSec,
> > found how to modify...not exactly what I was hoping for, but sometimes
> > reality bites in the strangest places.
> The firewall (ie blocking ports) is done by the firewall tool (drakfw) in
> 9.0, but you may want to configure shorewall by hand (quite easy).
> > At this point I think I have the box hardened about as well as it's
> > be considering it is designed to be an internet server,
> > web/ftp/irc/ssh/browser accessed imap/local pop3, etc.
> > Guess I'll find out if I missed something when I get cracked, eh? ;>
> > Thanks
> > Bradley
> > ----- Original Message -----
> > From: "Bradley Hope" <bradleythorngarden.net>
> > To: <discussmandrakesecure.net>
> > Sent: Saturday, January 11, 2003 10:13 AM
> > Subject: [discuss] Security levels
> > > I'm running Bastille curses for a simple firewall, modified
> > > /etc/Bastille/bastille-firewall.cfg to allow extra ports for
> > > servers I'm running.
> > >
> What distro is this, bastille is deprecated in favour of shorewall.
> > > My question is, when using Control Panel security and setting security
> > level
> > > to high, is there a config file I can modify to allow ports/services
> > > get blocked at that level, ie, pop3, ssh, etc?
> > >
> Yuo can make custom levels, and edit the rules graphically in 9.0. For
> example, you could edit on a desktop box, and then copy
> /etc/security/msec/levels.local (IIRC) to the production box.
> |----------------Registered Linux User #182071-----------------|
> Buchan Milne Mechanical Engineer, Network Manager
> Cellphone * Work +27 82 472 2231 * +27 21 8828820x121
> Stellenbosch Automotive Engineering http://www.cae.co.za
> GPG Key http://ranger.dnsalias.com/bgmilne.asc
> 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7