Stealthing Ports in system-config-securitylevel was: SSH brute force attack

[shrek-m at gmx.de]

Roger Grosswiler wrote:

> But i can tell you in a bit a philosophical way, that the firewall 
> should be done for newbs - they connect to the internet, no firewall 
> (i still see this now...) and they often never remark, that their 
> computer is captured.


you mean here linux machines ?

> And who has to resolve it??? Not themselves, as it is easier to 
> install a simple firewall than removing trojans, worms and alle the 
> rest of this *#%& - they trust on tools and experts and experts 
> writing those tools :-)
>
> I deleted on a friends machine 7 trojans and 3 dialers, nevermind 
> where he was surfing :-)


i assume he had no on-access scanner.

was this a linux machine
or a windowzer behind an older linux-pc with a firewall or 
squid/danguardian ?
see eg $ vi /usr/share/doc/rp-pppoe-*/configs/firewall-*

> At least, i just installed him zonealarm (yes, his a windozer...),


zonealarm for linux ? no thanks, i prefer iptables.

> closed everything and explained him, how to handle that part, if a 
> windows comes up and tries accessing to internet. Since then, he was 
> clean.


OT:
hahaha :-)
if you close all eg. "generic host bla" he will run in trouble.
i have seen zonealarms allowed everything because the "newbies" allow 
after a short time all applications.
result: i have a firewall, why do i have trojans/worms/etc ?

-- 
shrek-m