Full Version: Security
kronictokr
set up my router to be more secure

installed a firewall, and configured it to only accept connections from my router, as well as some extra rules. and found an extra entry in the accept connections section when i came home from work ??? using firestarter on ubuntu karmic. at least it's stable

my other box running hardy keeps crashing

events log shows a range of ip addresses and ports and then another and so on... ?!

any help in figuring this out, or better setting up my security would be great. tx in advance
Flatline
The added policy could just be the router using an adaptive firewall that auto changes rules based on certain criteria. Are you using both router and software firewall or just one? The only reason to run a software firewall if you have a router one is if there is a potential for threats inside your network. E.g. other people whose system may be compromised will be using the network, or you use wireless. Of course the other reason for running one is to stop those pesky programs calling home
Mazuki
do you have upnp enabled in your firewall? i'm not big on ubuntu, but a lot of firewalls have this option to automatically allow certain programs

what port is it?
kronictokr
flatline: i'm using both,

and maz: i disabled pretty much any auto config i could find inside my router, as well as blocking as much as i could with "firestarter"

minutes after my last post, the os i was running, as a test os, crapped out. i rebooted into my partitioned main hd os. and came across the same error. grub not found.

i had to reinstall my backup ubuntu os, as a quick fix on one box. the other rebooted, and seems to work.
i think it's somehow linked through transmission, but it spreads beyond, most definitely.

thanks as always guys

this is my home when i roam :D

it's friday, and beer n doobies are a flowin, i'll catch you guys in the morn

tx again
Mazuki
next time it happens post your iptables -L if you want to so someone can check it out and see what should/shouldn't be there

personally i prefer iptables to any 3rd party router since most firewalls used are based off setting up iptable rules anyway ;)
kronictokr
i know you're right maz! tx
i'm going to google iptables as we speak
also going to post the output here, one system doesn't want to connect anymore, the other, this one, keeps crashing, and the fan is going so hard sounds like it's going to blow up, almost

this is off my hardy box

keepit000@keepit000-laptop:~$ sudo iptables -L
[sudo] password for keepit000:
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
keepit000@keepit000-laptop:~$

this is off my karmic box

Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
LSI udp -- anywhere anywhere udp dpt:33434
LSI icmp -- anywhere anywhere
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere 192.168.0.255
DROP all -- 224.0.0.0/8 anywhere
DROP all -- anywhere 224.0.0.0/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
LSI all -f anywhere anywhere limit: avg 10/min burst 5
INBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Input'

Chain FORWARD (policy DROP)
target prot opt source destination
LSI udp -- anywhere anywhere udp dpt:33434
LSI icmp -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Forward'

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
DROP all -- 224.0.0.0/8 anywhere
DROP all -- anywhere 224.0.0.0/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
OUTBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Output'

Chain INBOUND (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- 192.168.0.1 anywhere
LSI all -- anywhere anywhere

Chain LOG_FILTER (5 references)
target prot opt source destination

Chain LSI (6 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST
LOG icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP icmp -- anywhere anywhere icmp echo-request
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
DROP all -- anywhere anywhere

Chain LSO (0 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

Chain OUTBOUND (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere


seems strange to me, nothing was running when i did this, except transmission on my other box

just did it again, on the same box as right above

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

i'm a noob in this department
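Added example, not part of any post in this thread: a small Python check over `iptables -L` text like the listings above. It flags built-in chains left at policy ACCEPT with no rules (the hardy listing and the second karmic listing), user chains nothing references, and ACCEPT rules that look unconditional only because `-L` without `-v` hides the interface columns. The function names and the shortened sample listings are this example's own.

```python
import re

# Shortened excerpts of the listings posted above.
FLUSHED = """\
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination
"""
LOADED = """\
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
INBOUND all -- anywhere anywhere

Chain INBOUND (1 references)
target prot opt source destination
ACCEPT all -- 192.168.0.1 anywhere

Chain LSO (0 references)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
"""
HEADER = re.compile(r"^Chain (\S+) \((?:policy (\S+)|(\d+) references)\)")

def parse(listing):
    """Return {chain: {"policy", "refs", "rules"}} from `iptables -L` text."""
    chains, current = {}, None
    for line in listing.splitlines():
        m = HEADER.match(line)
        if m:  # built-in chains carry a policy, user chains a reference count
            current = chains.setdefault(
                m.group(1), {"policy": m.group(2), "refs": m.group(3), "rules": []})
        elif current is not None and line.strip() and not line.startswith("target"):
            current["rules"].append(line.split())
    return chains

def audit(listing):
    """List the points a reviewer would raise first about a listing."""
    findings = []
    for name, c in parse(listing).items():
        if c["policy"] == "ACCEPT" and not c["rules"]:
            findings.append(f"{name}: policy ACCEPT with no rules, nothing is filtered")
        if c["refs"] == "0":
            findings.append(f"{name}: user chain is never referenced")
        # Without -v the in/out interface is hidden; this may be loopback-only.
        if ["ACCEPT", "all", "--", "anywhere", "anywhere"] in c["rules"]:
            findings.append(f"{name}: ACCEPT all anywhere/anywhere, check interface with -L -v")
    return findings
```

Running `audit()` on the output of `sudo iptables -L` before and after a reboot or firewall restart shows whether the ruleset is still loaded.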