From owner-freebsd-ipfw Thu Jan 13 22:14:59 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from expnet.net (mail.expnet.net [216.174.90.22]) by hub.freebsd.org (Postfix) with ESMTP id 3849C1507D; Thu, 13 Jan 2000 22:14:56 -0800 (PST) (envelope-from briang@expnet.net) Received: from briangdesktop [216.174.90.9] by expnet.net (SMTPD32-5.08) id A205C4000218; Thu, 13 Jan 2000 22:28:21 -0800 Message-ID: <000701bf5e58$9f207260$095aaed8@expnet.net> Reply-To: "Brian Gallucci" From: "Brian Gallucci" To: "FreeBSD" Cc: Subject: Hmmm Date: Thu, 13 Jan 2000 22:28:50 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2615.200 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This is really weird -> ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 We don't own any address space on 216.174.91.0 at all !! Can someone tell what this means ??? Am I missing something.. I think it should look something like - > ipfw: 1800 Deny UDP " OUR ADDRESS ":138 216.174.91.31:138 in via xl0 ipfw: 1800 Deny UDP " OUR ADDRESS ":138 216.174.91.31:138 in via xl0 Thanks -Brian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Thu Jan 13 22:41:59 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from mail.enteract.com (mail.enteract.com [207.229.143.33]) by hub.freebsd.org (Postfix) with ESMTP id EDEF015064 for ; Thu, 13 Jan 2000 22:41:51 -0800 (PST) (envelope-from bitsurfr@enteract.com) Received: from wildrock (207-229-172-21.d.enteract.com [207.229.172.21]) by mail.enteract.com (8.9.3/8.9.3) with SMTP id AAA87609; Fri, 14 Jan 2000 00:41:40 -0600 (CST) (envelope-from bitsurfr@enteract.com) From: "Chris Silva" To: "Yung Yi" , Subject: RE: laptop Date: Fri, 14 Jan 2000 00:41:26 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <199912291636.BAA15360@mmlab.snu.ac.kr> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Importance: Normal Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG You really ought to look at the /etc/pccard.conf.sample file... You pcmcia nic may be listed... If so, use the PCCARD kernel, and dump PAO - As you know, PAO only does 3.3-RELEASE, I assume you want, or are using 3.4 I have gotten to use may laptop *without* PAO ;) I know run 3.4-STABLE Just me .02 cents > -----Original Message----- > From: owner-freebsd-ipfw@FreeBSD.ORG > [mailto:owner-freebsd-ipfw@FreeBSD.ORG]On Behalf Of Yung Yi > Sent: Wednesday, December 29, 1999 10:37 AM > To: freebsd-ipfw@FreeBSD.org > Subject: laptop > > > Hi. > When I test ipfw in my desktop, it works fine. However, when I > test ipfw in my > laptop(PAO release), it does not work. > Do you know why? > > Please reply to me. > Thanks. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 2:20: 1 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from axl.noc.iafrica.com (axl.noc.iafrica.com [196.31.1.175]) by hub.freebsd.org (Postfix) with ESMTP id CF6E715048; Fri, 14 Jan 2000 02:19:54 -0800 (PST) (envelope-from sheldonh@axl.noc.iafrica.com) Received: from sheldonh (helo=axl.noc.iafrica.com) by axl.noc.iafrica.com with local-esmtp (Exim 3.11 #1) id 1293pZ-0000Y3-00; Fri, 14 Jan 2000 12:19:45 +0200 From: Sheldon Hearn To: "Brian Gallucci" Cc: "FreeBSD" , ipfw@FreeBSD.ORG Subject: Re: Hmmm In-reply-to: Your message of "Thu, 13 Jan 2000 22:28:50 PST." <000701bf5e58$9f207260$095aaed8@expnet.net> Date: Fri, 14 Jan 2000 12:19:45 +0200 Message-ID: <2110.947845185@axl.noc.iafrica.com> Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 13 Jan 2000 22:28:50 PST, "Brian Gallucci" wrote: > This is really weird -> > > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 [...] > We don't own any address space on 216.174.91.0 at all !! I'll bet xl0 is your internal interface? Someone inside your network is probably trying to pull a dirty on someone outside your network. Well, that's what it looks like, anyway. :-) Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 3:13:44 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from mail.alpha.net.au (mail2.alpha.net.au [203.41.44.8]) by hub.freebsd.org (Postfix) with ESMTP id 2989F15036; Fri, 14 Jan 2000 03:13:40 -0800 (PST) (envelope-from dannyh@idx.com.au) Received: from psych ([203.41.44.215]) by mail.alpha.net.au (8.9.3/8.9.3) with SMTP id WAA11834; Fri, 14 Jan 2000 22:15:10 +1100 Message-Id: <3.0.32.20000114221419.0076a754@idx.com.au> X-Sender: dannyh@idx.com.au X-Mailer: Windows Eudora Pro Version 3.0 (32) Date: Fri, 14 Jan 2000 22:14:25 +1100 To: Sheldon Hearn , "Brian Gallucci" From: Danny Subject: Help HOWTO create a Recovery Disk for BSDI? Cc: "FreeBSD" , ipfw@FreeBSD.ORG Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello, - this is an emergency - I need to create an emergency recovery disk for BSDI 2.1 - I need solutions to the following questions Questions 1) Is it possible to create a BSDI Emergency Recovery disk from FreeBSD? (using mount /cdrom -> cd /cdrom/FLOPPIES/recovery.image /A) ?? 2) If not what commands do I need to type to setup the BSDI Emergency Recovery Disk? Looking forward to your feedback.. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 3:19:25 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from axl.noc.iafrica.com (axl.noc.iafrica.com [196.31.1.175]) by hub.freebsd.org (Postfix) with ESMTP id 8D6B614DC8; Fri, 14 Jan 2000 03:19:17 -0800 (PST) (envelope-from sheldonh@axl.noc.iafrica.com) Received: from sheldonh (helo=axl.noc.iafrica.com) by axl.noc.iafrica.com with local-esmtp (Exim 3.11 #1) id 1294kf-0000uD-00; Fri, 14 Jan 2000 13:18:45 +0200 From: Sheldon Hearn To: Danny Cc: "Brian Gallucci" , "FreeBSD" , ipfw@FreeBSD.ORG Subject: Re: Help HOWTO create a Recovery Disk for BSDI? In-reply-to: Your message of "Fri, 14 Jan 2000 22:14:25 +1100." <3.0.32.20000114221419.0076a754@idx.com.au> Date: Fri, 14 Jan 2000 13:18:45 +0200 Message-ID: <3484.947848725@axl.noc.iafrica.com> Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, 14 Jan 2000 22:14:25 +1100, Danny wrote: > - this is an emergency Then you should probably contact the people you pay to support your BSDI installation. BSDI is a commercial product, no? You may as well get what you're paying for. :-) > - I need to create an emergency recovery disk for BSDI 2.1 I have absolutely no idea how to go about this. You might get a better answer from someone else on the freebsd-questions mailing list, but if this is a real emergency, take my aadvice above. > 1) Is it possible to create a BSDI Emergency Recovery disk from FreeBSD? > (using mount /cdrom -> cd /cdrom/FLOPPIES/recovery.image /A) ?? Sounds feasible. Mount the CDROM and then use dd to create a disk image from the file, e.g.: dd if=recovery.image of=/dev/fd0 Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 3:36:12 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from usui.sc.newnet.co.uk (usui.sc.newnet.co.uk [212.87.80.10]) by hub.freebsd.org (Postfix) with ESMTP id A2B1314D3B; Fri, 14 Jan 2000 03:36:07 -0800 (PST) (envelope-from peter@newnet.co.uk) Received: from newnet.co.uk (muktananda.sys.newnet.co.uk [212.87.87.37]) by usui.sc.newnet.co.uk (8.9.3/8.9.3) with ESMTP id LAA26135; Fri, 14 Jan 2000 11:35:30 GMT Message-ID: <387F09D1.4937A4A9@newnet.co.uk> Date: Fri, 14 Jan 2000 11:34:41 +0000 From: Peter Coates X-Mailer: Mozilla 4.7 [en] (Win98; I) X-Accept-Language: en MIME-Version: 1.0 To: Sheldon Hearn Cc: Danny , Brian Gallucci , FreeBSD , ipfw@FreeBSD.ORG Subject: Re: Help HOWTO create a Recovery Disk for BSDI? References: <3484.947848725@axl.noc.iafrica.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG If your trying to restore boot blocks or kernel your'll need a BSDi 2.1 CD Rom FreeBSD will not work. I suggest you try the BSDi archives at: http://www.nexial.com/mailinglists/ Or mail the BSDI list. Regards, Peter NewNet Ltd Sheldon Hearn wrote: > > On Fri, 14 Jan 2000 22:14:25 +1100, Danny wrote: > > > - this is an emergency > > Then you should probably contact the people you pay to support your BSDI > installation. BSDI is a commercial product, no? You may as well get > what you're paying for. :-) > > > - I need to create an emergency recovery disk for BSDI 2.1 > > I have absolutely no idea how to go about this. You might get a better > answer from someone else on the freebsd-questions mailing list, but if > this is a real emergency, take my aadvice above. > > > 1) Is it possible to create a BSDI Emergency Recovery disk from FreeBSD? > > (using mount /cdrom -> cd /cdrom/FLOPPIES/recovery.image /A) ?? > > Sounds feasible. Mount the CDROM and then use dd to create a disk image > from the file, e.g.: > > dd if=recovery.image of=/dev/fd0 > > Ciao, > Sheldon. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 5:40:13 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from intranova.net (blacklisted.intranova.net [209.3.31.70]) by hub.freebsd.org (Postfix) with SMTP id A243E15185 for ; Fri, 14 Jan 2000 05:40:09 -0800 (PST) (envelope-from oogali@intranova.net) Received: (qmail 50885 invoked by uid 1001); 14 Jan 2000 08:42:15 -0000 Date: Fri, 14 Jan 2000 08:42:15 +0000 (GMT) From: Intranova Networking Group To: Brian Gallucci Cc: FreeBSD , ipfw@freebsd.org Subject: Re: Hmmm In-Reply-To: <000701bf5e58$9f207260$095aaed8@expnet.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG If you're connected to a hub then that means someone else on that hub has address space in that area, otherwise, something's barfing on you. Omachonu Ogali Intranova Networking Group On Thu, 13 Jan 2000, Brian Gallucci wrote: > This is really weird -> > > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > > We don't own any address space on 216.174.91.0 at all !! > > Can someone tell what this means ??? Am I missing something.. > > I think it should look something like - > > > ipfw: 1800 Deny UDP " OUR ADDRESS ":138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP " OUR ADDRESS ":138 216.174.91.31:138 in via xl0 > > Thanks > -Brian > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 6:39:13 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from buffnet4.buffnet.net (buffnet4.buffnet.net [205.246.19.13]) by hub.freebsd.org (Postfix) with ESMTP id 4320814CE1; Fri, 14 Jan 2000 06:39:09 -0800 (PST) (envelope-from shovey@buffnet.net) Received: from buffnet11.buffnet.net (buffnet11.buffnet.net [205.246.19.55]) by buffnet4.buffnet.net (8.9.3/8.8.7) with ESMTP id JAA36198; Fri, 14 Jan 2000 09:39:11 -0500 (EST) (envelope-from shovey@buffnet.net) Date: Fri, 14 Jan 2000 09:39:05 -0500 (EST) From: Steve Hovey To: Brian Gallucci Cc: FreeBSD , ipfw@FreeBSD.ORG Subject: Re: Hmmm In-Reply-To: <000701bf5e58$9f207260$095aaed8@expnet.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG To guess I would say it was a smurf type jobby - where the from IP is altered so that the to IP responds to that machine and not he true machine of origin. On Thu, 13 Jan 2000, Brian Gallucci wrote: > This is really weird -> > > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > > We don't own any address space on 216.174.91.0 at all !! > > Can someone tell what this means ??? Am I missing something.. > > I think it should look something like - > > > ipfw: 1800 Deny UDP " OUR ADDRESS ":138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP " OUR ADDRESS ":138 216.174.91.31:138 in via xl0 > > Thanks > -Brian > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 7:50:35 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id 31328155FF; Fri, 14 Jan 2000 07:50:26 -0800 (PST) (envelope-from nick@rapidnet.com) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id IAA37295; Fri, 14 Jan 2000 08:50:15 -0700 (MST) Date: Fri, 14 Jan 2000 08:50:15 -0700 (MST) From: Nick Rogness To: Brian Gallucci Cc: FreeBSD , ipfw@freebsd.org Subject: Re: Hmmm In-Reply-To: <000701bf5e58$9f207260$095aaed8@expnet.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 13 Jan 2000, Brian Gallucci wrote: I'm assuming you are on a hub and not a switch? Is there a router on your network forwarding NETBIOS broadcasts? It could be misconfigured and someone could be taking advantage of that. But more than likely someone is screwing around. > This is really weird -> > > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > > We don't own any address space on 216.174.91.0 at all !! > ******************************************************** Nick Rogness Speak softly and carry Systems Administrator a Gigabit switch. RapidNet, Inc., USA ******************************************************** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 8:29:56 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from mail.rz.fh-wilhelmshaven.de (mail.rz.fh-wilhelmshaven.de [139.13.25.134]) by hub.freebsd.org (Postfix) with ESMTP id 4E30515682 for ; Fri, 14 Jan 2000 08:29:08 -0800 (PST) (envelope-from ohoyer@fbwi.fh-wilhelmshaven.de) Received: from fettesau.stuwo.fh-wilhelmshaven.de (stuwopc5.stuwo.fh-wilhelmshaven.de [139.13.209.5]) by mail.rz.fh-wilhelmshaven.de (8.9.3/8.9.3) with SMTP id RAA08368 for ; Fri, 14 Jan 2000 17:28:37 +0100 (MET) Message-Id: <4.1.20000114165656.00c8d940@mail.rz.fh-wilhelmshaven.de> X-Sender: ohoyer@mail.rz.fh-wilhelmshaven.de X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Fri, 14 Jan 2000 17:26:31 +0100 To: freebsd-ipfw@FreeBSD.ORG From: Olaf Hoyer Subject: Simple router with basic firewall functionalioties Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi! Well, I want to recycle my old 486 for a security project... Basic idea is, since i'm sitting on a LAN with my machine here in our students home, I want to have a second machine as a router/gateway/firewall betwenn my vaued box an the rest of my fellow bas-ass students... Are there any links to good documentation regarding this? Or could someone tell some issues with the following config: 486/66 or 100 or: 486/sx 25 16/32 MB RAM 8/16 MB RAM 1 GB HDD 300 MB HDD 2 NIC (whether cheap Realtek ISA or AMD PCnet ISA from Allied telesyn) I have a FBSD 3.2 R here, or should I have a look at a different distro? Basic issues I thought of: our university has a class-B network, where we have gotten a Class C-subset for our home. DHCP is running, central administered by the university.there are also some IPs free by now..., so no problem if I use more than one. So I want to connect the 486 to the TP network jack, then connect the big machine with coax or TP to the second NIC. I understand that I must have packet forwarding activated/compiled. I also heard a lot about IP masquerading/NAT. CAn anyone explain the difference between them, and give me some opinion if thats preferrable or not? Some braindead jerks are also trying to make funny games, like nuking computers and that stuff of network games, mainly targeted on the M$ machines running here. Any opinions about that, except that a UN*X runs better here? Detection/Trace/Retaliation-wise? I also thought about a SAMBA server, to ensure compatibility to exchanga data with the M$ machines running here. Any security issues? Yes, I know that running a server app on a router/firewall imposes a severe threat, but ir would be a thought, since I need some basic compatibility with the rest of the environment. Is it also possible to Send/receive the "messenging service" of NT, respective the "Popups"? Any input greatly appreciated. Regards Olaf Hoyer -------- Olaf Hoyer www.nightfire.de mailto:Olaf.Hoyer@nightfire.de FreeBSD- The power to serve ICQ:22838075 Liebe und Hass sind nicht blind, aber geblendet vom Feuer, dass sie selber mit sich tragen. (Nietzsche) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 9:46:55 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from gndrsh.dnsmgr.net (GndRsh.dnsmgr.net [198.145.92.4]) by hub.freebsd.org (Postfix) with ESMTP id 9F89115693; Fri, 14 Jan 2000 09:35:35 -0800 (PST) (envelope-from freebsd@gndrsh.dnsmgr.net) Received: (from freebsd@localhost) by gndrsh.dnsmgr.net (8.9.3/8.9.3) id JAA36120; Fri, 14 Jan 2000 09:35:22 -0800 (PST) (envelope-from freebsd) From: "Rodney W. Grimes" Message-Id: <200001141735.JAA36120@gndrsh.dnsmgr.net> Subject: Re: Hmmm In-Reply-To: from Intranova Networking Group at "Jan 14, 2000 08:42:15 am" To: oogali@intranova.net (Intranova Networking Group) Date: Fri, 14 Jan 2000 09:35:22 -0800 (PST) Cc: briang@expnet.net (Brian Gallucci), freebsd-questions@FreeBSD.ORG (FreeBSD), ipfw@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > If you're connected to a hub then that means someone else on that hub has > address space in that area, otherwise, something's barfing on you. It's just windblows braindamage, it likes to send netbios IP traffic to really strange IP addresses using really strange source addresses some times. Easy fix is to drop all any 138 to any 138, and any 137 to any 137, unless your fool enough to want to run netbios over the internet, in which case you'll have to allow some specifc IP's to work. > > Omachonu Ogali > Intranova Networking Group > > On Thu, 13 Jan 2000, Brian Gallucci wrote: > > > This is really weird -> > > > > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > > ipfw: 1800 Deny UDP 216.174.91.28:137 216.174.91.31:137 in via xl0 > > ipfw: 1800 Deny UDP 216.174.91.28:138 216.174.91.31:138 in via xl0 > > > > We don't own any address space on 216.174.91.0 at all !! > > > > Can someone tell what this means ??? Am I missing something.. > > > > I think it should look something like - > > > > > ipfw: 1800 Deny UDP " OUR ADDRESS ":138 216.174.91.31:138 in via xl0 > > ipfw: 1800 Deny UDP " OUR ADDRESS ":138 216.174.91.31:138 in via xl0 > > > > Thanks > > -Brian > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-ipfw" in the body of the message > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message > -- Rod Grimes - KD7CAX @ CN85sl - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 10:48:28 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from flashmail.com (flash1.flashmail.com [207.173.216.240]) by hub.freebsd.org (Postfix) with SMTP id 8EEAD15183 for ; Fri, 14 Jan 2000 10:44:00 -0800 (PST) (envelope-from mholloway@flashmail.com) Received: from monaco ([206.135.117.1]) by flashmail.com ; Fri, 14 Jan 2000 08:46:21 -0800 Message-ID: <001e01bf5eae$95cc2e10$942510ac@sierrahealth.com> From: "Mark Holloway" To: Subject: Is IPFW Static or Dynamic? Date: Fri, 14 Jan 2000 08:44:08 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG At work we have a T1 to the net and a PIX firewall. It works great for Layer 3 protection, but we have another T1 link coming in and before I propose another $18,000 solution [which is high in price for what it does], I want to investigate what FreeBSD + IPFW can do for me. It has nothing to do with being a "free" solution, rather, it has everything to do with how solid and robust the TCP/IP stack is. The intended goal: To set up a firewall with two NIC cards. One for the Internet, one for the private network. There are 12 private subnets inside our network, and a 3Com Netbuilder II Router will forward all "unknown" packets from the inside of our network to the internal interface of the FreeBSD box. There will not be a DMZ (yet), but maybe in the future. We have clients from the outside who will connect to the inside of our network using Microsoft PPTP/VPN. We also have to allow inbound connections for SMTP, FTP (which will eventually go to the DMZ), and some custom port configurations for Citrix clients from home (currently these are configured at ports 1400-1405, so they are out of the standard range). From the inside of our network going outbound, we have to allow Telnet on ports 3000-3006. One thing that's interesting about the PIX is that I had to set up routes for the other subnets. For example, the PIX lives on 172.16.10.xxx/16. We have clients on routed segments (inside our network, from the Netbuilder II) on 192.168.xxx.xxx/24 - and there is approximately 10 class C networks there. So on the PIX I had to configure "route inside 192.168.20.1 255.255.255.0 172.16.1.1" - 172.16.1.1=Netbuilder II. So when packets originate from 192.16.20.1, the Netbuilder forwards them to the PIX (because the IP for FreeBSD.org doesn't exist inside our network, so the "destination of last resort" is the IP of the PIX which forwards to the Internet) - but then the PIX has to know when packets come back, where does it forward to? Well, the answer is 172.16.1.1 which knows how to reach 192.168.20.1. Does this make sense? Is it doable with FreeBSD and IPFW? Does anyone here know what the benefits of IPFW are versus PIX? PIX is pretty much a layer 3 only Firewall with some extended features, but not much. I can use encryption, but I can't share certificates like I can with Firewall-1. What does FreeBSD offer for encryption using a VPN? Does FreeBSD support IPSec? I would greatly appreciate ANY feedback from this list...I'm not subscribed, so please "reply to all" so I get a CC:. Thanks! Regards, Mark To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 11:26:46 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from biff.nerdpower.net (biff.nerdpower.net [24.108.37.222]) by hub.freebsd.org (Postfix) with SMTP id A19FD158B6 for ; Fri, 14 Jan 2000 11:26:38 -0800 (PST) (envelope-from jeff@nerdpower.com) Received: (qmail 341 invoked by alias); 14 Jan 2000 19:26:37 -0000 Received: from c13574-010.nerdpower.net (HELO smithers.nerdpower.org) (24.108.80.209) by biff.nerdpower.net with SMTP; 14 Jan 2000 19:26:37 -0000 From: Jeff Lush Organization: NerdPower.com To: freebsd-ipfw@freebsd.org Subject: Appropriate list for ipfw question Date: Fri, 14 Jan 2000 12:22:58 -0700 X-Mailer: KMail [version 1.0.28] Content-Type: text/plain MIME-Version: 1.0 Message-Id: <00011412243704.01757@smithers.nerdpower.org> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello, I am having difficulties with setting up ipfw and would like to know if this is where I should direct my question. Thanks, Jeff Lush To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 13:38:12 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from mmlab.snu.ac.kr (mmlab.snu.ac.kr [147.46.114.112]) by hub.freebsd.org (Postfix) with ESMTP id 6CBCA15504; Fri, 14 Jan 2000 13:37:59 -0800 (PST) (envelope-from yiyung@mmlab.snu.ac.kr) Received: from gold (minsuk.csc.ncsu.edu [152.1.213.227]) by mmlab.snu.ac.kr (8.9.3/8.9.3) with SMTP id GAA01406; Sat, 15 Jan 2000 06:32:26 +0900 (KST) Message-ID: <003901bf5ed6$b0a9e600$e3d50198@apan.snu.ac.kr> From: "Yung Yi" To: , Subject: router statistics. Date: Sat, 15 Jan 2000 06:31:08 +0900 MIME-Version: 1.0 Content-Type: text/plain; charset="euc-kr" Content-Transfer-Encoding: base64 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG SGkuDQoNCklzIHRoZXJlIGFueSB0b29scyBvciBwcm9ncmFtcyBpbiBGcmVlQlNEIHRoYXQNCmNh biBzaG93IHRoZSBzdGF0aXN0aWNzIHRoYXQgaG93IG11Y2ggdHJhZmZpYyBpdCBoYW5kbGVzIHdo ZW4gaXQgaXMgdXNlZCBhcyBhIHJvdXRlcj8NCg0K To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 13:43:53 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from mail.telestream.com (mail.telestream.com [205.238.4.5]) by hub.freebsd.org (Postfix) with ESMTP id BA7BE14FFF; Fri, 14 Jan 2000 13:43:48 -0800 (PST) (envelope-from keith@mail.telestream.com) Received: from localhost (keith@localhost) by mail.telestream.com (8.9.3/8.9.3) with ESMTP id NAA28473; Fri, 14 Jan 2000 13:43:39 -0800 Date: Fri, 14 Jan 2000 13:43:39 -0800 (PST) From: To: Yung Yi Cc: freebsd-ipfw@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: router statistics. In-Reply-To: <003901bf5ed6$b0a9e600$e3d50198@apan.snu.ac.kr> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Can't you just run snmp and have something like MRTG monitor that interface? Keith On Sat, 15 Jan 2000, Yung Yi wrote: > Hi. >=20 > Is there any tools or programs in FreeBSD that > can show the statistics that how much traffic it handles when it is used = as a router? >=20 > N=85'=B2=E6=ECr=B8=9B{=FB=1E=9D=D9=9A=8A[h=99=A8=E8=AD=DA&=A3=F1ky=E0R=0F= =FA+=83=08=AD=87=FB=A7=B2=E6=ECr=B8=9By=FA=DEy=BB=1D=FE=AB=9E=B2=D8=A8=9E= =CF=E2=9E=D8^n=87r=A1=FBazg=AC=B1=A8=1E >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 14:18:20 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from sasknow.com (h139-142-245-96.ss.fiberone.net [139.142.245.96]) by hub.freebsd.org (Postfix) with ESMTP id 75AF014D6A; Fri, 14 Jan 2000 14:18:03 -0800 (PST) (envelope-from freebsd@sasknow.com) Received: from localhost (freebsd@localhost) by sasknow.com (8.9.3/8.9.3) with ESMTP id QAA38681; Fri, 14 Jan 2000 16:17:48 -0600 (CST) (envelope-from freebsd@sasknow.com) Date: Fri, 14 Jan 2000 16:17:48 -0600 (CST) From: Ryan Thompson To: Yung Yi Cc: freebsd-ipfw@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: router statistics. In-Reply-To: <003901bf5ed6$b0a9e600$e3d50198@apan.snu.ac.kr> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 15 Jan 2000, Yung Yi wrote: > Hi. >=20 > Is there any tools or programs in FreeBSD that > can show the statistics that how much traffic it handles when it is used = as a router? Sure, check out the Multi Router Traffic Graph (MRTG), available in /usr/ports/net/mrtg. Excellent package, IMO. =20 > N=85'=B2=E6=ECr=B8=9B{=FB=1E=9D=D9=9A=8A[h=99=A8=E8=AD=DA&=A3=F1ky=E0R=0F= =FA+=83=08=AD=87=FB=A7=B2=E6=ECr=B8=9By=FA=DEy=BB=1D=FE=AB=9E=B2=D8=A8=9E= =CF=E2=9E=D8^n=87r=A1=FBazg=AC=B1=A8=1E >=20 I beg your pardon? :-) Virtually yours, - Ryan -- Ryan Thompson =0950% Owner, Sysadmin SaskNow Technologies =09=09http://www.sasknow.com #106-380 3120 8th St E =09=09Saskatoon, SK S7H 0W2 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Jan 14 15:22:56 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from mail.alpha.net.au (mail2.alpha.net.au [203.41.44.8]) by hub.freebsd.org (Postfix) with ESMTP id 92BC6150EE; Fri, 14 Jan 2000 15:22:47 -0800 (PST) (envelope-from dannyh@idx.com.au) Received: from psych ([203.41.44.139]) by mail.alpha.net.au (8.9.3/8.9.3) with SMTP id KAA25535; Sat, 15 Jan 2000 10:24:23 +1100 Message-Id: <3.0.32.20000115102329.006a5d34@idx.com.au> X-Sender: dannyh@idx.com.au X-Mailer: Windows Eudora Pro Version 3.0 (32) Date: Sat, 15 Jan 2000 10:23:34 +1100 To: Sheldon Hearn From: Danny Subject: Re: Help HOWTO create a Recovery Disk for BSDI? Cc: "Brian Gallucci" , "FreeBSD" , ipfw@FreeBSD.ORG Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG THank you.. It works...... At 13:18 14/01/00 +0200, Sheldon Hearn wrote: > > >On Fri, 14 Jan 2000 22:14:25 +1100, Danny wrote: > >> - this is an emergency > >Then you should probably contact the people you pay to support your BSDI >installation. BSDI is a commercial product, no? You may as well get >what you're paying for. :-) > >> - I need to create an emergency recovery disk for BSDI 2.1 > >I have absolutely no idea how to go about this. You might get a better >answer from someone else on the freebsd-questions mailing list, but if >this is a real emergency, take my aadvice above. > >> 1) Is it possible to create a BSDI Emergency Recovery disk from FreeBSD? >> (using mount /cdrom -> cd /cdrom/FLOPPIES/recovery.image /A) ?? > >Sounds feasible. Mount the CDROM and then use dd to create a disk image >from the file, e.g.: > > dd if=recovery.image of=/dev/fd0 > >Ciao, >Sheldon. > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Sat Jan 15 17:15:22 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from cc942873-a.ewndsr1.nj.home.com (cc942873-a.ewndsr1.nj.home.com [24.2.89.207]) by hub.freebsd.org (Postfix) with ESMTP id 56B3615158 for ; Sat, 15 Jan 2000 17:15:15 -0800 (PST) (envelope-from cjc@cc942873-a.ewndsr1.nj.home.com) Received: (from cjc@localhost) by cc942873-a.ewndsr1.nj.home.com (8.9.3/8.9.3) id UAA53469; Sat, 15 Jan 2000 20:19:21 -0500 (EST) (envelope-from cjc) From: "Crist J. Clark" Message-Id: <200001160119.UAA53469@cc942873-a.ewndsr1.nj.home.com> Subject: Re: Simple router with basic firewall functionalioties In-Reply-To: <4.1.20000114165656.00c8d940@mail.rz.fh-wilhelmshaven.de> from Olaf Hoyer at "Jan 14, 2000 05:26:31 pm" To: ohoyer@fbwi.fh-wilhelmshaven.de (Olaf Hoyer) Date: Sat, 15 Jan 2000 20:19:21 -0500 (EST) Cc: freebsd-ipfw@FreeBSD.ORG Reply-To: cjclark@home.com X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Olaf Hoyer wrote, > Hi! > > Well, I want to recycle my old 486 for a security project... > > Basic idea is, since i'm sitting on a LAN with my machine here in our > students home, I want to have a second machine as a router/gateway/firewall > betwenn my vaued box an the rest of my fellow bas-ass students... > > Are there any links to good documentation regarding this? > Or could someone tell some issues with the following config: > > 486/66 or 100 or: 486/sx 25 > 16/32 MB RAM 8/16 MB RAM > 1 GB HDD 300 MB HDD > 2 NIC (whether cheap Realtek ISA or AMD PCnet ISA from Allied telesyn) The first column should be able to handle the dedicated IPFW/NAT job fine. In the second case, 8 RAM would really be pushing things. The HDD is also pretty small. It would be enough to hold a FreeBSD install, but the machine would not have the room for much of anything else or to do make-worlds. > I have a FBSD 3.2 R here, or should I have a look at a different distro? Why not download 3.x-STABLE? But 3.2R should be just fine with the possible caveat that it may have one of the exploitable BIND versions. So if you plan to do DNS on the box... [snip] > So I want to connect the 486 to the TP network jack, then connect the big > machine with coax or TP to the second NIC. You want to have a firewall machine to protect _one_ machine? I would only bother with this if (1) you are doing it purely as an excercise or (2) the machine behind the wall is running an M$ OS. > I understand that I must have packet forwarding activated/compiled. > I also heard a lot about IP masquerading/NAT. CAn anyone explain the > difference between them, and give me some opinion if thats preferrable or not? To my knowledge, there is no difference between them. They are different words for the same thing. Masquerading is something that Linux-types talk about whereas everyone else calls it NATd, but I may be wrong. > Some braindead jerks are also trying to make funny games, like nuking > computers and that stuff of network games, mainly targeted on the M$ > machines running here. Any opinions about that, except that a UN*X runs > better here? Detection/Trace/Retaliation-wise? UNIX-type OSes will of course not be vulnerable to attacks specific to ones used on M$ OSes. That is not to say that a UNIX OS is completely secure either. However, if you are careful, even as a novice, you can probably put together a pretty secure firewall box with FreeBSD. IMHO, the only thing that might be more secure would be an OpenBSD box put together with equal care. > I also thought about a SAMBA server, to ensure compatibility to exchanga > data with the M$ machines running here. Any security issues? If you run Samba servers, yes. But... > Yes, I know that running a server app on a router/firewall imposes a severe > threat, but ir would be a thought, since I need some basic compatibility > with the rest of the environment. Depending on what type of "compatibility" we are talking about here, you may not need to run the Samba servers. If you want to be able to grab files from M$ networked machines or use their printers, you need only run smbclient(1). You only need to run a Samba server (smbd(8) and nmbd(8)) if you want other machines accessing files and resources on yours. Allowing such accesses are obviously big security issues. > Is it also possible to Send/receive the "messenging service" of NT, > respective the "Popups"? No idea what you are talking about. Can't help there. -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Sat Jan 15 18:22:48 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from altair.origenbio.com (altair.origenbio.com [216.30.62.130]) by hub.freebsd.org (Postfix) with ESMTP id EF3DB14C91 for ; Sat, 15 Jan 2000 18:22:38 -0800 (PST) (envelope-from dmartin@origen.com) Received: from origen.com (dubhe.origen [192.168.0.5]) by altair.origenbio.com (8.9.3/8.9.3) with ESMTP id UAA32141; Sat, 15 Jan 2000 20:22:03 -0600 (CST) (envelope-from dmartin@origen.com) Message-ID: <38812B16.6431C8FE@origen.com> Date: Sat, 15 Jan 2000 20:21:10 -0600 From: Richard Martin X-Mailer: Mozilla 4.6 [en] (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 To: cjclark@home.com Cc: Olaf Hoyer , freebsd-ipfw@FreeBSD.ORG Subject: Re: Simple router with basic firewall functionalioties References: <200001160119.UAA53469@cc942873-a.ewndsr1.nj.home.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > > I also thought about a SAMBA server, to ensure compatibility to exchanga > > data with the M$ machines running here. Any security issues? > > If you run Samba servers, yes. But... It would be a VERY good idea to block any samba traffic directed in from the Internet. From my firewall logs, the top three types of probes we get are: SunRPC (port 111) Samba (137,138) and PCanywhere (5632) Samba is a very chatty protocol which will propagate to the edge of the Internet if allowed. Let a broadcast get out and you can expect to receive a friendly reply... Be sure the other services are turned off if you do not specifically need them. > > > Is it also possible to Send/receive the "messenging service" of NT, > > respective the "Popups"? Do you mean the AOL messenger service? I think that comes in as POP traffic. Just 'allow' traffic on that port thru from the Internet. -- Richard Martin dmartin@origen.com OriGen Biomedical Tel: +1 512 474 7278 2525 Hartford Rd. Fax: +1 512 708 8522 Austin, TX 78703 http://www.formed.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Sat Jan 15 18:48:17 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from mail.rz.fh-wilhelmshaven.de (mail.rz.fh-wilhelmshaven.de [139.13.25.134]) by hub.freebsd.org (Postfix) with ESMTP id E854715007 for ; Sat, 15 Jan 2000 18:48:14 -0800 (PST) (envelope-from ohoyer@fbwi.fh-wilhelmshaven.de) Received: from fettesau.stuwo.fh-wilhelmshaven.de (stuwopc5.stuwo.fh-wilhelmshaven.de [139.13.209.5]) by mail.rz.fh-wilhelmshaven.de (8.9.3/8.9.3) with SMTP id DAA13528; Sun, 16 Jan 2000 03:48:05 +0100 (MET) Message-Id: <4.1.20000116034031.00c41170@mail.rz.fh-wilhelmshaven.de> X-Sender: ohoyer@mail.rz.fh-wilhelmshaven.de X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Sun, 16 Jan 2000 03:45:47 +0100 To: Richard Martin From: Olaf Hoyer Subject: Re: Simple router with basic firewall functionalioties Cc: freebsd-ipfw@FreeBSD.ORG In-Reply-To: <38812B16.6431C8FE@origen.com> References: <200001160119.UAA53469@cc942873-a.ewndsr1.nj.home.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > I also thought about a SAMBA server, to ensure compatibility to exchanga >> > data with the M$ machines running here. Any security issues? >> >> If you run Samba servers, yes. But... > >It would be a VERY good idea to block any samba traffic directed in from the >Internet. From my firewall logs, the top three types of probes we get are: Hi! Network topology as follows: INternet---University--students home gateway (Linux)---my Pc students home has a complete public class B IP range. Due to having a peer-to-peer chaotic network, mostly M$ based, we also use the normal SMB based directory services to transfer some files. > >Samba is a very chatty protocol which will propagate to the edge of the >Internet if allowed. Let a broadcast get out and you can expect to receive a >friendly reply... > >Be sure the other services are turned off if you do not specifically need >them. Yes, for sure.. >> > Is it also possible to Send/receive the "messenging service" of NT, >> > respective the "Popups"? > >Do you mean the AOL messenger service? I think that comes in as POP traffic. >Just 'allow' traffic on that port thru from the Internet. No, I mean the normal SMB based messages, like intoduced already in LAN MAnager, for in-house communication via the Netbeui/Netbios protocol (non-routable, broadcast) In Win95/NT there is the telephony/popup program, we use the Realpopup instead... Regards Olaf Hoyer -------- Olaf Hoyer www.nightfire.de mailto:Olaf.Hoyer@nightfire.de FreeBSD- The power to serve ICQ:22838075 Liebe und Hass sind nicht blind, aber geblendet vom Feuer, dass sie selber mit sich tragen. (Nietzsche) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Sat Jan 15 19: 7:39 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from pogo.caustic.org (pogo.caustic.org [208.44.193.69]) by hub.freebsd.org (Postfix) with ESMTP id CAC9114D18 for ; Sat, 15 Jan 2000 19:07:31 -0800 (PST) (envelope-from jan@caustic.org) Received: from localhost (jan@localhost) by pogo.caustic.org (8.9.3/ignatz) with ESMTP id TAA61989; Sat, 15 Jan 2000 19:07:58 -0800 (PST) Date: Sat, 15 Jan 2000 19:07:58 -0800 (PST) From: "f.johan.beisser" To: Olaf Hoyer Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: Simple router with basic firewall functionalioties In-Reply-To: <4.1.20000114165656.00c8d940@mail.rz.fh-wilhelmshaven.de> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG most of this was covered.. but.. On Fri, 14 Jan 2000, Olaf Hoyer wrote: > Hi! > > Well, I want to recycle my old 486 for a security project... > > Are there any links to good documentation regarding this? > Or could someone tell some issues with the following config: > > 486/66 or 100 or: 486/sx 25 > 16/32 MB RAM 8/16 MB RAM > 1 GB HDD 300 MB HDD > 2 NIC (whether cheap Realtek ISA or AMD PCnet ISA from Allied telesyn) considering the second colum ... i'd suggest using picobsd (it fits on a floppy) and eliminating the harddrive all together. you can do the NAT/FW with that off of the network app build ($SRCDIR/release/picobsd for more info) this can (and does) support most harddrives for backing up too, but it doesn't require them. > Some braindead jerks are also trying to make funny games, like nuking > computers and that stuff of network games, mainly targeted on the M$ > machines running here. Any opinions about that, except that a UN*X runs > better here? Detection/Trace/Retaliation-wise? retaliation is not generally a good idea. but, as for protection, you can set up the firewall.. this is coverd by some other folks here, i believe. > I also thought about a SAMBA server, to ensure compatibility to exchanga > data with the M$ machines running here. Any security issues? yes, but i think a better question is why? if you're using TCP/IP as the transport, there shouldn't be a need to run samba as a service inside your network. consider that SAMBA is a file service daemon, i think this would be pointless for you. unless the machine is going to do more than just be a firewall... > Yes, I know that running a server app on a router/firewall imposes a severe > threat, but ir would be a thought, since I need some basic compatibility > with the rest of the environment. compatable how? windows 95/98/NT/2k all should work fine through the firewall, with no real issues. if they don't, then there is a problem with the setup somewhere, and i doubt it would be that hard to fix. > Is it also possible to Send/receive the "messenging service" of NT, > respective the "Popups"? > > Any input greatly appreciated. explain more on the "popups" if it's an Instant Messaging Service (AIM, ICQ, etc) it should work if there isn't to much interferance from the firewall/NAT. -- jan +-----// f. johan beisser //------------------------------+ email: jan[at]caustic.org web: http://www.caustic.org/~jan "knowledge is power. power corrupts. study hard, be evil." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Sat Jan 15 19:24: 0 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from mail.rz.fh-wilhelmshaven.de (mail.rz.fh-wilhelmshaven.de [139.13.25.134]) by hub.freebsd.org (Postfix) with ESMTP id C3B70150F5 for ; Sat, 15 Jan 2000 19:23:53 -0800 (PST) (envelope-from ohoyer@fbwi.fh-wilhelmshaven.de) Received: from fettesau.stuwo.fh-wilhelmshaven.de (stuwopc5.stuwo.fh-wilhelmshaven.de [139.13.209.5]) by mail.rz.fh-wilhelmshaven.de (8.9.3/8.9.3) with SMTP id EAA23769; Sun, 16 Jan 2000 04:23:24 +0100 (MET) Message-Id: <4.1.20000116041246.0097bd50@mail.rz.fh-wilhelmshaven.de> X-Sender: ohoyer@mail.rz.fh-wilhelmshaven.de X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Sun, 16 Jan 2000 04:21:24 +0100 To: "f.johan.beisser" From: Olaf Hoyer Subject: Re: Simple router with basic firewall functionalioties Cc: freebsd-ipfw@FreeBSD.ORG In-Reply-To: References: <4.1.20000114165656.00c8d940@mail.rz.fh-wilhelmshaven.de> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG i'd suggest using picobsd (it fits on a floppy) and eliminating the >harddrive all together. you can do the NAT/FW with that off of the network >app build ($SRCDIR/release/picobsd for more info) > >this can (and does) support most harddrives for backing up too, but it >doesn't require them. HI! Yes, will also have a look at that. > >> I also thought about a SAMBA server, to ensure compatibility to exchanga >> data with the M$ machines running here. Any security issues? > >yes, but i think a better question is why? We use a peer -to peer network here, with mostly M$ machines using SMB/Netbeui/Netbios here. To transfer files, we mostly use the M$ directory stuff to allow access and so. Its easy, and even the girls here can figure it out... BTW, it is explicitly forbidden here in our home to use stuff like FTP servers. > >if you're using TCP/IP as the transport, there shouldn't be a need to run >samba as a service inside your network. consider that SAMBA is a file >service daemon, i think this would be pointless for you. > >unless the machine is going to do more than just be a firewall... That was my second thought, to capsule the main box completely from the rest of the network. > >compatable how? > >windows 95/98/NT/2k all should work fine through the firewall, with no >real issues. if they don't, then there is a problem with the setup >somewhere, and i doubt it would be that hard to fix. Yes, with TCP/IP no prob. I cared for the SMB part. >> Is it also possible to Send/receive the "messenging service" of NT, >> respective the "Popups"? SMB messenging (broadcast type, used by the "telephony/popup" application in WIn3.x/Win9x/NT) >explain more on the "popups" if it's an Instant Messaging Service (AIM, >ICQ, etc) it should work if there isn't to much interferance from the >firewall/NAT. ICQ should be no prob since it is IP based. Problems are that here I have to care about SMB based stuff in M$ world. Regards Olaf Hoyer -------- Olaf Hoyer www.nightfire.de mailto:Olaf.Hoyer@nightfire.de FreeBSD- The power to serve ICQ:22838075 Liebe und Hass sind nicht blind, aber geblendet vom Feuer, dass sie selber mit sich tragen. (Nietzsche) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message