[K12OSN] firewall question

Kemp, Levi lnkemp at bolivar.k12.mo.us
Sat Mar 1 16:25:52 UTC 2008

-----Original Message-----
From: k12osn-bounces at redhat.com on behalf of Vi Thai
Sent: Fri 2/29/2008 6:58 PM
To: k12osn at redhat.com
Subject: [K12OSN] firewall question
Hi everyone!  I'm the technology coordinator of a small school in
Glenburn, Maine.  I have two separate but related issues.
I recently changed the firewall settings on three of my k12ltsp
servers that are running Fedora 6.  I received this message from my
network manager from server a: "outbound port tcp/22 (secure shell)
scanning detected."  I'm not really sure what this meant, so I looked
at the firewall settings on this particular server and noticed that
one of the trusted ports was SSH, which I read uses port 22.  We only
allow users to login from clients from within ou
r school and no one from outside school can log in, so I didn't think
turning off SSH would be a problem.  After turning SSH off some of the
clients on the server could not log in.  I reset the server and
everything was back to normal.  Is this what I should have done to
address the message I received?  There hasn't been an update since the
summer so should I do a "yum update" in the terminal to ensure that
all software on the server is updated?
I then went to look at the firewall settings for the other two servers
("server b" and "server c") and noticed that neither of the firewalls
on the servers were even on!  I quickly changed the settings so that
the firewall was enabled with no exceptions.  I reset the server and
everyone was able to connect after the restart.  I thought everything
was fine until a few minutes later when a teacher called and indicated
that she couldn't get onto the wireless airport out in her portable (I
had put an apple wireless airport out there plugged into the WAN port
which was plugged into a switch on "server c").  The airport was
working fine before I turned on the firewall and even if turn the
firewall off I still cannot get the airport to work.  Anyone have an
thoughts on how I could solve this issue.  I really don't want to turn
the firewall off even though it has been on since I've been here last
October.  My suspicion is that the firewall has been disabled for over
two years now with no apparent problems.  We have been having a
network slow down so perhaps there has been a compromise on one of
these servers and I have not been informed yet.  I know it's a silly
question, but should this firewall even be turned on?  I'm new to this
type of network and any help provided would be greatly appreciated.


K12OSN mailing list
K12OSN at redhat.com
For more info see <http://www.k12os.org>

 I'd have to look it up but I recall someone asking this question before. The issue was with clients, both thin clients and regular fat clients on the DHCP side of the server not getting through. The solution was to open up ports on that NIC, the internal one so that all the traffic on the internal network could get through. I believe they used Webmin to do this easier. This should allow you to keep the external firewall on to protect the server and allow anyone on the inside to get through.
 As far as you second question goes, do you have an external firewall for the entire school? If so having one on your K12LTSP server may not be necessary, but if you can get it working it couldn't hurt.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 4223 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/k12osn/attachments/20080301/3bcfff5a/attachment.bin>

More information about the K12OSN mailing list