From owner-freebsd-security Mon Jun 11 3:19:23 2001 Delivered-To: freebsd-security@freebsd.org Received: from kalaid.f2f.com.ua (kalaid.f2f.com.ua [62.149.0.33]) by hub.freebsd.org (Postfix) with ESMTP id BA73837B409 for ; Mon, 11 Jun 2001 03:19:07 -0700 (PDT) (envelope-from never@uic-in.net) Received: from mail.uic-in.net (root@[212.35.189.4]) by kalaid.f2f.com.ua (8.11.3/8.11.1) with ESMTP id f5BAKw137976; Mon, 11 Jun 2001 13:20:58 +0300 (EEST) (envelope-from never@uic-in.net) Received: from never.uic-in.net (never.uic-in.net [212.35.189.13]) by mail.uic-in.net (8.11.3/8.11.3) with ESMTP id f5BAJ1o39326; Mon, 11 Jun 2001 13:19:01 +0300 (EEST) (envelope-from never@uic-in.net) Date: Mon, 11 Jun 2001 13:19:01 +0300 From: Nevermind X-Mailer: The Bat! (v1.51) Business Reply-To: Nevermind Organization: UIC Group X-Priority: 3 (Normal) Message-ID: <148140566704.20010611131901@uic-in.net> To: "educatee2001" Cc: "FreeBSD security" Subject: Re: Do you know any open source software which can so these security protection? In-Reply-To: <002f01c0f25e$a41a5290$0100c8c8@co3018900a> References: <002f01c0f25e$a41a5290$0100c8c8@co3018900a> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org e> I wonder if there is any software in open source and can run in FreeBSd e> which could do something like the following. I appreciate your recomendation e> as I am new in BSD world. e> 2. Warning security system to monitors the TCP/IP ports on your computer and e> gives an alert when it detects a connection. A TCP/UDP port listenerIt e> resolves the IP Address of the remote system, via a domain name server, e> whether you are on the Internet or on a Corporate Network. It logs the date, e> time, IP address, port number and host used by anyone trying to get into e> your system /usr/ports/secutity/snort e> 3. Software that allow one to manage the ports to open/close in FreeBSD. Say e> if I need to open certain port in BSD for third party program, how can I do e> so? You need to use standard FreeBSD's ipfw. To enable it you should add to your kernel config following lines: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=100 and recompile and install new kernel. Be careful, beacuse default rule for IPFW is "deny ip from any to any", so you should make your ipfw rulelist before you reboot you computer. At least add as rule number 100 "allow ip from any to any". This could be done by setting firewall_enable="YES" firewall_type="open" in your /etc/rc.conf and after building, installing new kernel (you can find the way you can do it in handbook) setting above variables in /etc/rc.conf reboot your computer with new kernel and then start playing with different allow/pass/deny/reject rules in ipfw. man ipfw -- Nevermind mailto:never@uic-in.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message