Linux - Security
This forum is for all security-related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
I have no background in Linux. I am using a Novell network and the consultant put in an old 486PC with a Linux firewall on it. It is not permitting me to allow password protected FTP in or out of the network. Only http traffic is passing.
I am attempting to load CuteFTP on my Novell server and it won't work. This is what leads me to believe it's the firewall configuration that is causing the problem.
Going back to the consultant is not an option.
Can anyone train me how to understand and address this issue?
I am not sure I know what kind of firewall it is but I know it was free. Can I look at this PC and determine the type of firewall? How would I do that?
I attempt to enter FTP commands at the DOS prompt on a networked PC and it won't let me do an ftp open, so this is why I think it's the firewall. Is there any other way I can test this?
We plan to hook up a unit on the other side of the firewall and attempt ftp commands but that won't happen until next week.
Step one: power down 486
Step two: load shotgun...
j/k
Does the 486 serve any other function on your network?
Would it be possible/feasible to take it down/bypass it for testing?
It's a Red Hat Linux kernel 2.0.36.
I.e. old, needs security patching, etc.
It's likely the firewall is doing NAT for your network using ipchains.
It's also most likely got the NAT patch installed, as this version had errors with overloaded network address translation.
You must be root. Try this,
i.e.
% su - root
# ipchains -V
What version does it say?
If you get a valid response from that last command then continue reading:
Try typing this. "Suggest you don't post the output to this group, as it's the rule set for your firewall! I.e. bad info for hackers to get."
# ipchains -L -n
If you get some info returned, for example the line:
Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
target     prot opt     source          destination     ports
MASQ       all  ------  10.1.1.0/24     0.0.0.0/0       n/a
Then NAT is set up and your firewall will have other rule sets for HTTP access etc.
If this is the case, then type this line in as root to allow all FTP access out of the site. "This won't allow FTP access in, only out."
First get this info.
# ifconfig -a | grep 'inet'
Should show you three lines; the second line is normally the external IP address of your firewall.
Replace the "foo.bar" text with your firewall's IP address.
I think this should work, but it's from my head so I haven't tested it.
Have fun.
/Raz
P.S. The Shotgun that killjoy was talking about is a Shotgun.
P.P.S. Or Shotgun technology is where you use more than one modem to increase your bandwidth, but somehow I doubt this is what he meant. 8-)
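
Added example (not part of the thread and not the poster's code): a shell helper that reads a saved `ipchains -L -n` listing and reports each chain's default policy and any MASQ rule, which is the check the reply above uses to decide whether NAT is set up. The function names and the sample listing are constructed, and the column layout is assumed to match the lines quoted in the post.

```shell
#!/bin/sh
# Added example: summarise a saved `ipchains -L -n` listing offline, so the
# rule set can be reviewed locally instead of being pasted into a forum.
# On the firewall (as root): ipchains -L -n > rules.txt
# Then:                      summarize_ipchains < rules.txt

# Prints one line per chain policy and one per masquerading rule:
#   policy <chain> <policy>
#   masq <chain> <source> <destination>
summarize_ipchains() {
    awk '
        # Chain header, e.g. "Chain forward (policy ACCEPT):"
        $1 == "Chain" {
            chain = $2
            # Headers without a "(policy X)" field are tracked but not reported.
            if ($3 == "(policy") {
                policy = $4
                sub(/\).*$/, "", policy)   # strip the trailing "):"
                print "policy", chain, policy
            }
            next
        }
        # The column header row carries no rule.
        $1 == "target" { next }
        # Rule row layout (assumed): target prot opt source destination ports
        $1 == "MASQ" && NF >= 5 { print "masq", chain, $4, $5 }
    '
}

# Exit status 0 when the forward chain holds at least one MASQ rule.
nat_is_configured() {
    summarize_ipchains | grep -q '^masq forward '
}

# Constructed sample: the lines quoted in the post plus an output chain.
sample_listing() {
    cat <<'EOF'
Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
target     prot opt     source          destination     ports
MASQ       all  ------  10.1.1.0/24     0.0.0.0/0       n/a
Chain output (policy ACCEPT):
EOF
}

sample_listing | summarize_ipchains
```

A default policy of ACCEPT on every chain together with a MASQ rule in the forward chain means the box is masquerading the internal network with no filtering of its own in that listing.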