TUCoPS :: Linux :: Discontinued :: lipart2.txt

Linux Info, Part 2. Closing ports, restricting telnet access, Firewall, PPP

Linux Info: Part 2 - Closing Ports, Restricting Telnet Access, Firewall, PPP
By: dr0z(Sept. 5 1998)

*Note: Hopefully you have read " Linux Info: Part 1 ", if you havn't, do that first =]

By now you better have linux installed on your system, if you don't this part won't do you much good. In this part I will show you some thing you should do before
getting on-line with linux. Also I will give you a easy to use ppp script that should help you get on the net. 
OK, lets get started... 

First thing you need to do is close all unecessary ports that are open. You can do this by editing the /etc/inetd.conf file. Personally I close them all except Auth(113),
since some servers require it to be open. You close a port by putting a "#" in front of the line. If you are planning on giving shell accounts then you need to leave the
telnet and rlogin shit open. If you don't the customers won't be able to login remotely =]. Also leaving unecessary ports open will raise hell when you get on the
internet. So if you leave one open, you are asking for trouble. hehe....I learned the hard way. =] 

Next, you need to put restrictions on who you want to allow and who to deny telnet access to. If you are not gonna offer shell accounts you will want to restrict all
telnet to everyone. You do this by editing the /etc/hosts.allow and /etc/hosts.deny, in the /etc/hosts.allow you will want to add "localhost", and any trusted hosts(if
any), then in the /etc/hosts.deny you will want to add "ALL: ALL", that will deny all hosts, except the ones specified in the hosts.allow file. Ok, now if you are gonna
give shell accounts then you will probably want to put ALL: ALL in the hosts.deny file, and then as customers sign up you can put thier host name into the
hosts.allow. You can do it however you like, I don't know how the big places give shell accounts and keep from letting unwanted users telnet in. That is how I would
probably do it though. =] 

Ok, now if you want a firewall i will give you the files you need and info on setting it up. First I would like to thank l0rds(cyberk9.uddf.net) for helping me setup this
firewall on my linux box. Now, onto business... First go d/l this file: http://www.geocities.com/SiliconValley/Park/7292/isinglass-1.12.tar 
Once you have that file untar it and read the readme =]. Before you do anything edit the isinglass.conf in the base dir for isinglass =]. editing the file is pretty
self-explanitory, if you don't understand what it says, then you shouldn't be installing this firewall. If you don't have ipwafdm installed on your linux box, you can go
d/l it at ftp.unc.sunsite.edu 

Now onto the ppp script. You can d/l it at http://www.geocities.com/SiliconValley/Park/7292/connect.tgz 

Current Kernel Version: 2.0.35 (Stable)
Get it at: ftp.kernel.org

Linux Info: Part 3  C-O-M-I-N-G  S-O-O-N

Shoutouts to: ResiD, Strife, l0rds, Bigg_dawg, kan, XeXeN, PhrznCorpz, and anyone else I may have forgot.

						Fusion In Da HOUSE!

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH