Linux-Bulgaria.ORG

навигация

начало

пощенски списък

архив на групата

По Дата

Re: Re: lug-bg: parvi stapki

Subject: Re: Re: lug-bg: parvi stapki
From: i.kolemanov@xxxxxxxx (ISM Kolemanov, Ivan)
Date: Wed, 6 Sep 2000 13:11:10 +0200



Problemat e kak i kakvo da instaliram i konfiguram, 
taka che da otkriva instinskite IPta ot spoofnati IP adressi ?

>Neshto ne mi haresva kak ti e nastroen firewall-a, che i nagore po
>tvoia ISP?? Kakyv e toia firewall, koito puska paketi ot 10.0.0.1???? 
>
>IMHO takiva paketi ot vynshnata mreza triabva vednaga da se DENY-vat.
v log izvadkata se vizda che paketite pristigat na xl0 (internet vrazka
i sa blockirani), b = block

>Iskam da ti predloza da otidesh eto na tozi adres 
>http://www.linux-firewall-tools.com/linux/firewall/index.html
>
>i ako ti administrirash tozi firewall, da go configurirash nanovo.
>Mislia, che po default ti generira pravila s koito takiva "faked"
>paketi se razkarvat. 
S OpenBSD sam i IPFiltera smqtam sam go konfignal sravnitelno dobre

>Znaniata mi stigat do tuka. Spored men triabva da se obadish i na
>tvoia provider i da go pitash kak taka takiva paketi stigat do tebe.
>Spored men tozi problem moze da se reshi samo sys sydeistvie na
>providera. Tolkova ot men.... 
>--JS
tochno tova smqtam da napravq, mersi

>PS. I si pomisli dali sluchaino niakoi ot localnata mreza ne ti igrae
>niakakyv nomer. Samo predpolozenie....
nqma shans te sa zad drugo PC :)

On Wed, Sep 06, 2000 at 11:19:58AM +0200, ISM Kolemanov, Ivan wrote:
|Snort report:
|Sep  4 21:31:43 211.34.121.57:2429 -> my1st_DMZ-IP:21 SYN **S*****
|...
|Sep  4 21:31:43 211.34.121.57:2443 -> mylast_DMZ-IP:21 SYN **S*****
|
|Sep  5 14:35:02 10.0.0.1:21 -> my1st_DMZ-IP:21 SYNFIN **SF****
|...
|Sep  5 14:35:02 10.0.0.1:21 -> mylast_DMZ-IP:21 SYNFIN **SF****
|
|IPFilter log:
|ipflog.0:Sep  5 14:26:23 tangra ipmon[31411]: 14:26:23.057576
|      xl0 @1:4 b 10.0.0.1,21 -> 255.255.255.255,21 PR tcp len 20 40 -SF IN
|ipflog.0:Sep  5 14:26:23 tangra ipmon[31411]: 14:26:23.096216
|      xl0 @1:4 b 10.0.0.1,21 -> mygateIP,21 PR tcp len 20 40 -SF IN
|ipflog.0:Sep  5 14:35:02 tangra ipmon[31411]: 14:35:02.038646
|      xl0 @1:4 b 10.0.0.1,21 -> my1st_DMZ-IP,21 PR tcp len 20 40 -SF IN
|...
|ipflog.0:Sep  5 14:35:05 tangra ipmon[31411]: 14:35:05.319257
|      xl0 @1:4 b 10.0.0.1,21 -> mylast_DMZ-IP,21 PR tcp len 20 40 -SF IN
|
==================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
Otpiswaneto RABOTI !!! : Majordomo@xxxxxxxxxxxxxxxxxx UNSUBSCRIBE LUG-BG
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora

Във връзка с:
- Re: Re: lug-bg: parvi stapki
  - Изпратено от: stoev@xxxxxxxxxxxxxxxxx (Julian Stoev)
- Re: lug-bg: parvi stapki
  - Изпратено от: bkrosnov@xxxxxxxxx (Boyan Krosnov)

Предишно по дата: Re: lug-bg: parvi stapki
Следващо по дата: Re: lug-bg: parvi stapki
Предишно по тема: Re: lug-bg: parvi stapki
Следващо по тема: Re: lug-bg: parvi stapki
Индекс:
- По дата
- По тема

наши приятели

линукс за българи
http://linux-bg.org

FSA-BG
http://fsa-bg.org

OpenFest
http://openfest.org

FreeBSD BG
http://bg-freebsd.org

KDE-BG
http://kde.fsa-bg.org/

Gnome-BG
http://gnome.cult.bg/

проект OpenFMI
http://openfmi.net

NetField Forum
http://netField.ludost.net/forum/

Linux-Bulgaria.ORG