Configration of Firewall.(plz help me)

Protecting your Linux box

Configration of Firewall.(plz help me)

Postby arpanet » Fri Nov 07, 2003 1:09 pm

ADAB..

I want to configure my fire wall on my Linux rh9.0 as when I am installing linux I check no firewall. As now my network administrator is log my key stokes through UDP and http ports… that y I want to configure my fire wall to up to high so that he not able to access to my system if u have some other solution plz let me know and to configure firewall in GUI is much use full 4 me then in shell coz I am newbie and not know much about the shell but I will tray that too. Plz help me
Thanks.



RAB RAKAHA.
{s7r1k3r}
Be MiNe.
arpanet
Naik
 
Posts: 83
Joined: Thu Jul 17, 2003 2:27 am
Website: http://www.reciteofquran.tk
WLM: allahlok@hotmail.com
Location: PaK1S7aN / LaH0r3

Re:

Postby LinuxFreaK » Fri Nov 07, 2003 9:04 pm

Dear Arpanet,
Salam,

Sir, I think firwall does not works for you i think you have to use some kind of encryption software..... http://freshmeat.net/search/?q=encrypti ... n=projects and one most important thing that the other person also have the same encryption software to read your messages and your emails etc etc....

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Postby arpanet » Fri Nov 07, 2003 11:32 pm

ADAB..

Hmmmm u r right but it is too hard the eache persone wo is talking to me. downaload the soft and then intal in. is there is any other possiable way.

RAB RAKAHA.
{s7r1k3r}

Be MiNe.
arpanet
Naik
 
Posts: 83
Joined: Thu Jul 17, 2003 2:27 am
Website: http://www.reciteofquran.tk
WLM: allahlok@hotmail.com
Location: PaK1S7aN / LaH0r3

Postby LinuxFreaK » Fri Nov 07, 2003 11:43 pm

Dear Arpanet,
Salam,

No idea about that, may be some one else on the forum can help you out and told you another possible way for that purpose... ;)

arpanet wrote:ADAB..
Hmmmm u r right but it is too hard the eache persone wo is talking to me. downaload the soft and then intal in. is there is any other possiable way.

RAB RAKAHA.


Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Postby arpanet » Fri Nov 07, 2003 11:50 pm

ADAB..

Bro as i think the admin is taking my info 4rm the ports that are used by Msn and Yahoo in linxu .. now sugest me some thing what i had to do. is there is any way to change my yahoo msn request ports and send yahoo/msn request on other porst insted of default ports.




i am rellay stugling and wondring coz he is doing illagle thing and i also not have any prove and this is making me sick mind :oops: he is making me :evil: but i want to say calm. that y i post all over hear.

RAB RAKAHA.
{s7r1k3r}

Be MiNe.
arpanet
Naik
 
Posts: 83
Joined: Thu Jul 17, 2003 2:27 am
Website: http://www.reciteofquran.tk
WLM: allahlok@hotmail.com
Location: PaK1S7aN / LaH0r3

Postby Faraz.Fazil » Sat Nov 08, 2003 11:47 pm

Yo man, help is here!

If you didnot enable the firewall during setup, you can do so now.

Do this:

1.run redhat-config-securitylevel from terminal .OR browse to main menu =>System Settings=>Security Level

Set the firewall settings using the gui tool shown.

Set Security Level to High
Click on the Use default firewall rules option.

If you want, you can customize your firewall settings even more.
Remember, you use the eth0 device for your lan card connection to your dcn.

2.Also, then run the command setup from terminal.Highlight firewall configuration.Set the security level to HIgh and click OK.

3.Exit.

4.Reboot

5.Now, its time to check your security.

Goto a website like:

http://scan.sygate.com

It scans your system for open ports and any security vulnerabilities.
Check to see if your system is secure enough.

www.grc.com is another good site.Run their shields up test as well.

(note: scan.sygate and grc shields up are basically security tests for windows machines...but they do scan linux machines as well.)

6.Enjoy!
Linux for Life!
Faraz.Fazil
Major General
 
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
WLM: faraz7476@hotmail.com
Location: Karachi/Pakistan/Earth/Universe

Postby zaeemarshad » Sun Nov 09, 2003 12:29 am

what i think is his problem is that his admin is probably sniffing his packets as he is probably sitting at the gateway. its easy to do that. one thing he can do is encrypt his all outgoing traffic.but i dunno that whether it will be enuff to bypass the gateway or not. i think u cant bypass the admin :(

Regards
Zaeem Arshad
zaeemarshad
Lieutenant Colonel
 
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Website: http://zaeem.no-ip.org
WLM: zarshadvirk@hotmail.com
Yahoo Messenger: negativecreep61@yahoo.com
AOL: zarshadvirk
Location: Islamabad

Postby Faraz.Fazil » Sun Nov 09, 2003 1:16 am

I doubt, that his cable admin would be skilled enough to use a packet sniffer.

Here is a definition of a packet sniffer, taken from a sniffing faq:

================================

START OF DEFINITION

A "sniffing" program known as a packet sniffer lets someone listen in on computer conversations.

However, computer conversations consist of apparently random binary data. Therefore, network wiretap programs also come with a feature known as "protocol analysis", which allow them to "decode" the computer traffic and make sense of it.

END OF DEFINITION
==================================

If his cb admin does use packet sniffing, then his only option would be to encrypt his data.

It is lot more easy to do packet sniffing when hubs are involved rather than when switches are used.coz Switches use unicast.

arpanet, how can you be so sure that your cable walla is spying and logging your keystrokes? ANy evidence?

Anywayz, do set up the firewall as i explained before and run the tests.

zaeemarshad wrote:what i think is his problem is that his admin is probably sniffing his packets as he is probably sitting at the gateway. its easy to do that. one thing he can do is encrypt his all outgoing traffic.but i dunno that whether it will be enuff to bypass the gateway or not. i think u cant bypass the admin :(

Regards
Zaeem Arshad
Linux for Life!
Faraz.Fazil
Major General
 
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
WLM: faraz7476@hotmail.com
Location: Karachi/Pakistan/Earth/Universe

Postby zaeemarshad » Sun Nov 09, 2003 1:35 am

one thing: key loggin can only be done if there is a keylogger on your system. scan your system for trojan horses. what os are u using btw. if u u r using windows than use zonealarm or the like and next time use a windows mailing list. in linux faraz already posted the answer. just select high in redhat-config-security

Regards
Zaeem Arshad
zaeemarshad
Lieutenant Colonel
 
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Website: http://zaeem.no-ip.org
WLM: zarshadvirk@hotmail.com
Yahoo Messenger: negativecreep61@yahoo.com
AOL: zarshadvirk
Location: Islamabad

Re:

Postby LinuxFreaK » Sun Nov 09, 2003 1:45 am

Dear Arpanet,

At the moment, let’s not drive the discussion to what sniffing is and differences between switches and hubs.

Regardless of how many ports you change, or whether your cable network is using switches or hub, or whether you use firewall or not, point to be noted is that because your admin is sitting on the gateway from where every message of your leaves to the internet.
You’ve got two choices:

§ Use PGP or GPG for encrypting your emails and sending them on internet, browses only SSL enabled websites, because during SSL your data is encrypted based on random session keys. And don’t use MSN / Yahoo / IM’s, If you consider your IM chat to be of classified in nature.

§ Secondly, change the cable network provider, tell all the users of cable network about the breach of privacy and security...

GET INVOLVED
OR
GET RUN OVER

Simple as that

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Postby cwackked » Sun Nov 09, 2003 2:26 am

block your admins ip in your table so he cant ping u. most of the scripts used by such loggers check if youre online by pinging. also add a rule to stay invisible from that machine
man iptables
-umer
cwackked
Lance Naik
 
Posts: 33
Joined: Sat Aug 30, 2003 7:23 am
Website: http://desimart.net
WLM: cwackked@hotmail.com

Postby arpanet » Sun Nov 09, 2003 3:04 am

ADAB..

arpanet, how can you be so sure that your cable walla is spying and logging your keystrokes? ANy evidence?

Anywayz, do set up the firewall as i explained before and run the tests

by Faraz.Fazil


yap i will set up my fire wall and is it works 4 me.
i know all that coz he him self tell me that with who i am chaiting and what i am typing.. as i also talking to him and also with my friend at that time he told me my friend id and chat that i did.

one thing: key loggin can only be done if there is a keylogger on your system. scan your system for trojan horses. what os are u using btw. if u u r using windows than use zonealarm or the like and next time use a windows mailing list. in linux faraz already posted the answer. just select high in redhat-config-security

Regards
Zaeem Arshad


as i am linux not know which will work and on windows i am allready using zoon pro but a old version going to upgrade that and about key loger i inteled key loger and i chek my system time to time too and he is still loging.


And don’t use MSN / Yahoo / IM’s, If you consider your IM chat to be of classified in nature


if i not use than what to do and he is using swiches.

while doing chat in windows i know how to change my ip in window coz he is just loging my chat so i think he may be set snifer on my ip i chage it in wodow time to time but not know how in linux.

block your admins ip in your table so he cant ping u. most of the scripts used by such loggers check if youre online by pinging. also add a rule to stay invisible from that machine
man iptables

-omer (cwackked).


i am new one i get this link 4 doing this have a look and tell me is it ok to block ip. in ip tables.
http://www.linux-firewall-tools.com/linux/book/

and also tell me how to chage ip in linux and can it works 4 me and about changing the cable provider his is only who is near by me other one is just a litte far and as i also frafer him coz he is useing setlit link and crount one is using multi dial up. as he come near i will change it.
the crount one is only haveing problems with me with other he is ok. i dont know why may be i want to leran and i try to explore network and other just do the chating and this and that ... :(.

thanks 4 ur help all ..

RAB RAKAHA.
{s7r1k3r}

Be MiNe.
arpanet
Naik
 
Posts: 83
Joined: Thu Jul 17, 2003 2:27 am
Website: http://www.reciteofquran.tk
WLM: allahlok@hotmail.com
Location: PaK1S7aN / LaH0r3

Postby lambda » Sun Nov 09, 2003 3:57 pm

Faraz.Fazil wrote:I doubt, that his cable admin would be skilled enough to use a packet sniffer.


bad assumption. this argument is about as valid as "no one will hack my system, i'm just a nobody, why should i use up2date/windows update/etc?"

It is lot more easy to do packet sniffing when hubs are involved rather than when switches are used.coz Switches use unicast.


most managed switches let you copy traffic from one or more ports to a monitoring port.

all traffic going in and out of the cable admin's network goes through his network. many cable operators just have one box with a satellite downlink and isdn (or worse -- dialup) uplink. they can monitor all their traffic from that box.
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby Faraz.Fazil » Sun Nov 09, 2003 7:31 pm

Correct...but the thing is the majority of the cable net admins/operators in Pakistan are unskilled and donot even know the basics, let alone using a packet sniffer.Hence what i posted was NOT an assumption, BUT a FACT.

Check out for yourself by having experiences with different cable net admins and you'll find it for yourself.

But i do agree, all your activity on such desi cable networks can be monitored easily by the admin, if he has the simple skills.

lambda wrote:
Faraz.Fazil wrote:I doubt, that his cable admin would be skilled enough to use a packet sniffer.


bad assumption. this argument is about as valid as "no one will hack my system, i'm just a nobody, why should i use up2date/windows update/etc?"

Linux for Life!
Faraz.Fazil
Major General
 
Posts: 1024
Joined: Thu Jul 04, 2002 5:31 pm
WLM: faraz7476@hotmail.com
Location: Karachi/Pakistan/Earth/Universe

Postby arpanet » Mon Nov 10, 2003 9:28 am

ADAB..
Sir what about my solution. last day i go and chek the sever .. he is using net snifer and msn snifer and network tarfic filter all at same time .. i also install one thing on his system that is keyloger and yet i get his one passowrd yet let see if GOD help me and i get more.. then i will go to teach him laesson that jasa karoo gay wasa baroo gay...

but sir ji i also think the firewall not wrok 4 me and he is also not have any experiance he is also a new one even a boy of just 20 come to him and solve his porblems ..

RAB RAKAHA.
{s7r1k3r}

Be MiNe.
arpanet
Naik
 
Posts: 83
Joined: Thu Jul 17, 2003 2:27 am
Website: http://www.reciteofquran.tk
WLM: allahlok@hotmail.com
Location: PaK1S7aN / LaH0r3


Return to “%s” Security

Who is online

Users browsing this forum: No registered users and 2 guests

cron