EMERGENCY - need to secure my server against an ongoing SPAMMER
Roger Grosswiler
roger at gwch.net
Tue Mar 15 06:30:46 UTC 2005
Bob Brennan schrieb:
>>As a final thought, messing directly with your iptables setup is fun but
>>can become a distracting and wasteful time burner. If you are, or can
>>get comfortable with any of the GUI based firewall setup tools on Fedora
>>I urge you use them. They are not as flexible as direct manipulation
>>but they are less error prone and, unlike the advice I give above, they
>>are not based on someone else's iptables assumptions, which when unknown,
>>(as in this case), will eventually bite you.
>
>
> Thanks again for the great advice Jeff - I will read and re-read the
> link you sent until something sinks in. In the meantime I have been
> (not comfortably) using the iptables command but would rather use one
> of the "GUI based firewall setup tools on Fedora" you mention above. I
> did try all of the logical system-config-xxx commands I could find but
> none that show me a neat list of iptables. Tips-for-Dummies, or better
> links-for-dummies here would help. Dabblers in an area like this can
> do more damage than good - like someone who provides an open relay to
> the entire spam world without knowing it..... :-( ...for instance.
>
> thanks,
> bob
>
The included GUI is system-config-securitylevel
(system-config-securitylevel-tui in shell for not using shellgraphics)
i personal use firestarter, you will find it in the fedora-extras, so it
is installable via yum :-).
Firestarter is easy to configure, completely manageable in gui and
powerful, you can set a lot of options with few klicks. It allows also
stealthing ports (which might be helpful for you for some ports like
ssh..) see some screenshots on its homepage:
http://firestarter.sourceforge.net
HTH
Roger
More information about the fedora-list
mailing list