Very Computer

Hello,

I am a complete newbee to Linux, as I
am migrating from Windows 2000 Pro sp2,
(as a home user) to Red Hat Linux 7.1.

I need both os's.

I hope you folks would be willing to assist me
as a newbee at Red Hat 7.1. k 2.4 (seawolf)

My first concern is , ofcourse , security.
I will start with ipchains, since it is my understanding
that chains and tables cannot run simultaneously.

I set the default (LOKKIT ?) firewall settings to -high-
on my workstation install, and I have shut down -ALL-
services from running, and only X-windows tcp 6000
is listening. All inbound is set to -deny- , including
ICMP and IGMP. (changed from reject to deny)

But (a dumb newbee question), what is LOKKIT ?
Is it the actual ipchains firewall experienced users
implement ? ...or do I have to use the advanced text
editor or something *else* to write more refined chains?
Where are the logs for blocked incoming from this
default firewall , by LOKKIT ?

Can a 'user' run tcpdump and/or nmap / nexxus / snort ,
or do I have to be root ? I can't even run ifconfig as user.

Any modifications to this default [?] LOKKIT (netfilter?)
firewall will crash it. (unless done in exactly proper form)

Books that I've read in bookstores assume that you allready
know about Unix/Linux, and use "terms" that I have no clue
about, and were not previously explicity defined. :(

This is very difficult getting started. (I can't even run PAN :-) )
I need somewhere to start, I hope you can help me in this forum.

Quote:> I set the default (LOKKIT ?) firewall settings to -high-
> on my workstation install, and I have shut down -ALL-
> services from running, and only X-windows tcp 6000
> is listening. All inbound is set to -deny- , including
> ICMP and IGMP. (changed from reject to deny)

You can stop X-window from listening with some option I
can't remember right now. -notcp or something.

Quote:> Can a 'user' run tcpdump and/or nmap / nexxus / snort ,
> or do I have to be root ? I can't even run ifconfig as user.

Yes, you can (most likely) run ifconfig, it's just not in
your users path. Try echo $PATH to see, what's in your path.

Any user can run any program on your system, except if the
access bits for the binary denies its. Try: 'man ls' and
'man chmod'. That means, that your users will be able to just
grab nmap or whatever from the net, compile it themself and
run it happily. I don't know of any good way to stop this
from happening - anyone?

Quote:> Books that I've read in bookstores assume that you allready
> know about Unix/Linux, and use "terms" that I have no clue
> about, and were not previously explicity defined. :(

You might want to search through www.linuxdoc.org. They have
a lot of HOWTO's and even books about various subjects.

www.linux.com also have a lot of good howto's for doing all
sorts of things. Nicely categorized by their levels too ;-)

Regards
- Jacob Atzen

Any luser can change their PATH, too.

Quote:> Any user can run any program on your system, except if the access bits
> for the binary denies its. Try: 'man ls' and 'man chmod'. That means,
> that your users will be able to just grab nmap or whatever from the net,
> compile it themself and run it happily. I don't know of any good way to
> stop this from happening - anyone?

| /dev/hda5 on /home type xfs (rw,noexec,nosuid,nodev,noatime)
                                  ^^^^^^^^^^^^^big stinking hint

Note that you'll also have to apply said hint to /tmp and /var/tmp if you
don't want them doodling in there - or deny them write ability into them
(which could be a bit harder).

Note, btw, Mandrake in `secure' install mode will chmod 711 /sbin; you can
type /sbin/ifconfig *if* you know it's there, otherwise, not even tab-
completion will show you it.

HTH,

~Tim
--
    12:40:01 up 3 days,  2:52,  1 user,  load average: 0.00, 0.03, 0.11

http://piglet.is.dreaming.org      |(seen mid-windows 98 installation)

Red Hat 7.1 would want to install iptables as a default I think, not
ipchains.  If you are new to Linux, just learn iptables.

Doug

Thank you for enlightening me :-)

- Jacob

   Hello,

   The default on Red Hat Linux 7.1 is ipchains.
   As a matter of fact, Red Hat installation support
   even 'refuses' to support iptables, even just
   turning them on ... heh .       | ? |

Ancient Jedi trick: read the Armadillo.

Hope it actually proces useful ;8)

~Tim
--
   21:55:51 up 3 days, 12:08,  2 users,  load average: 0.34, 0.50, 0.46

http://piglet.is.dreaming.org      |Chasing the days, chasing the days.