I use firestarter on a linux machine which hooks up
to the internet via pppd on an adsl link, and I have a win98
laptop as a samba / login client into this, which can
also surf the net using firestarters port forwarding / DNS, etc.
When I finally got the whole thing set up right the first time (a year ago
or so) and went
to www.grc.com to get a security "check-up", all the ports
grc scanned came up very nicely as "stealth". Now however,
I'm not sure what I did (maybe manually messed around with
some of the firestarters/IP-tables type rules at some stage),
but grc now shows all ports as "closed", except for the netbios (137 or
139 ? ... I forget) port that samba affects ... which it shows as "open" !
although no information is available through it. if however, smbd is killed,
137 shows up as "closed", along with everything else.
It may seem safe enough, but my question is: is there any way to get the
clean "stealth bill of health" back again on grc's "test your shields" ?
Perhaps flushing all iptables rules and restarting firestarter ? How do
you do that ?
<added fact which may or may not be of interest: i could achieve
total "stealth" when the rh-linux version was 7 (or 7.1 i can't remember),
whilst i am now on 7.2, wherein all ports show up as "closed">
Also, could anyone advise me on this: assuming I wish to continue
using firestarter on the linux router/gateway to the internet, how can
I open port 5001 on this machine in order to be able to use yahoo
messenger with a * on the client win98 machine ?
is this another case of combining iptables and firestarter in some
fashion ? because frankly, i don't see any way of opening port
5001 using firestarter ! Otherwise, I have no complaints:
Firestarter successfully forwards absolutely ALL packets
to the win98 client (icq, yahoo messenger, email, ftp, etc) - all
I need to be able to do now is use a * !
thanks for any tips.