Laurent Dellus | 2 Jul 2004 13:21

Kernel 2.6 & iptables v1.2.7a problem with guidedog

Hi,
 
I upgraded my server to kernel 2.6.7 and iptables 1.2.7a and guidedog port forwarding doesn't work.
 
When applying the setup I get:
 
Resetting routing rules.
Enabling routing.
Loading kernel modules.
iptables: invalid argument
Inserting masquerading rules.
Finished.
 
Masquerading works fine but I have an invalid argument in iptables.
 
Thanks,
 
Laurent
Maarten Druten | 13 Jul 2004 21:50

Guarddog doesn't "Stealth" port zero

First of all, thank you for giving us this fine piece of software, Guarddog 
is superb!
Only it doesn't seem to "stealth" the wildcard port 0 when tested on the 
shield ups scanner of Grc.com.
Is it possible to make Guarddog completely ignore port 0 so that it is 
also "Stealth"?

Copy and paste from the site of Grc.com:
"Port Zero" does not officially exist. It is defined as an invalid port 
number. But valid Internet packets can be formed and sent "over the wire" to 
and from "port 0" just as with any other ports"

"Your computer has responded that this port exists but is currently closed 
to connections."

Keep up the good work,

Best regards,

Maarten

* | 14 Jul 2004 20:52

guarddog uses ip number instead of name?

Hello, I searched the archives but couldn't find an answer to this.
It appears that guarddog is using my ip number in the iptables instead
of my hostname?  Is there a way around this?

I'm using DHCP and my ip number changes almost every day so this really
makes it impossible to use my machine as a server with guarddog.

Thanks.

		
Kevin Ferguson | 14 Jul 2004 23:25

Re: guarddog uses ip number instead of name?

* wrote:

>Hello, I searched the archives but couldn't find an answer to this.
>It appears that guarddog is using my ip number in the iptables instead
>of my hostname?  Is there a way around this?
>
>I'm using DHCP and my ip number changes almost every day so this really
>makes it impossible to use my machine as a server with guarddog.
>
>Thanks.
>
Hi mate

I'll answer your second question: if you are looking to use a server and you 
have a dynamic IP address you can use www.dyndns.com. Register there and if 
you host any services from your server just give out the name of your 
machine and your friends will be able to find your services, with the 
name that you give them. I use guarddog and host an America's Army server; 
works for me.

Kevin

* | 15 Jul 2004 01:06

Re: guarddog uses ip number instead of name?

--- Kevin Ferguson <linuxstuff <at> blueyonder.co.uk> wrote:
> * wrote:
> 
> >Hello, I searched the archives but couldn't find an answer to this.
> >It appears that guarddog is using my ip number in the iptables instead
> >of my hostname?  Is there a way around this?
> >
> >I'm using DHCP and my ip number changes almost every day so this really
> >makes it impossible to use my machine as a server with guarddog.
> >
> >Thanks.
> >
> >
> Hi mate
> 
> I'll answer your second question: if you are looking to use a server and you 
> have a dynamic IP address you can use www.dyndns.com. Register there and if 
> you host any services from your server just give out the name of your 
> machine and your friends will be able to find your services, with the 
> name that you give them. I use guarddog and host an America's Army server; 
> works for me.
> 
> Kevin
> 
Hi Kevin, thanks for the reply!  I am actually using dyndns.com.  And
I misstated the problem, sorry about that!  My ip number is NOT being
used in iptables.  What is being used is the hostname resolved from my
ip number.  E.g. I would like it to use:

    blah.homeip.net

in the iptables but it is using instead:

   adsl-68-126-0-201.dsl.irvnca.pacbell.net

which makes sense since when I do a host 68.126.0.201 it returns the
second one.  I wonder how people are working around this?  Do you see
your dyndns.com hostname in your iptables?  Thanks.

		
Leendert Meyer | 15 Jul 2004 06:42

Re: guarddog uses ip number instead of name?

On Thursday 15 July 2004 01:06, * wrote:
> Hi Kevin, thanks for the reply!  I am actually using dyndns.com.  And
> I misstated the problem, sorry about that!  My ip number is NOT being
> used in iptables.  What is being used is the hostname resolved from my
> ip number.  E.g. I would like it to use:
>
>     blah.homeip.net
>
> in the iptables but it is using instead:
>
>    adsl-68-126-0-201.dsl.irvnca.pacbell.net
>
> which makes sense since when I do a host 68.126.0.201 it returns the
> second one.  I wonder how people are working around this?  Do you see
> your dyndns.com hostname in your iptables?  Thanks.

You did not complain about a non-working firewall.

Is your firewall working?

Cheers,

Leen

Avi Schwartz | 15 Jul 2004 06:58

Re: guarddog uses ip number instead of name?

On Jul 14, 2004, at 23:42, Leendert Meyer wrote:

> On Thursday 15 July 2004 01:06, * wrote:
>> Hi Kevin, thanks for the reply!  I am actually using dyndns.com.  And
>> I misstated the problem, sorry about that!  My ip number is NOT being
>> used in iptables.  What is being used is the hostname resolved from my
>> ip number.  E.g. I would like it to use:
>>
>>     blah.homeip.net
>>
>> in the iptables but it is using instead:
>>
>>    adsl-68-126-0-201.dsl.irvnca.pacbell.net
>>
>> which makes sense since when I do a host 68.126.0.201 it returns the
>> second one.  I wonder how people are working around this?  Do you see
>> your dyndns.com hostname in your iptables?  Thanks.
>
> You did not complain about a non-working firewall.
>
> Is your firewall working?

I am actually replying to the previous message since I missed it 
originally.

What you are seeing is the result of the reverse DNS.  This is handled 
by your ISP (i.e. the IP owner) and NOT by dyndns.  The only one that 
can control it is the IP owner (your ISP) and since they are unlikely 
to change it to resolve to your dyndns hostname, there is nothing much 
you can do.  But you should not have a problem with your firewall 
because of that.

BTW, the name is not used by iptables.  --list by default attempts to 
translate the IP to a hostname but if you run

iptables --list -n

you will see the IP numbers instead.

Avi

* | 15 Jul 2004 08:19

Re: guarddog uses ip number instead of name?

--- Avi Schwartz <avi <at> CFFtechnologies.com> wrote:
> On Jul 14, 2004, at 23:42, Leendert Meyer wrote:
> 
> > On Thursday 15 July 2004 01:06, * wrote:
> >> Hi Kevin, thanks for the reply!  I am actually using dyndns.com.  And
> >> I misstated the problem, sorry about that!  My ip number is NOT being
> >> used in iptables.  What is being used is the hostname resolved from my
> >> ip number.  E.g. I would like it to use:
> >>
> >>     blah.homeip.net
> >>
> >> in the iptables but it is using instead:
> >>
> >>    adsl-68-126-0-201.dsl.irvnca.pacbell.net
> >>
> >> which makes sense since when I do a host 68.126.0.201 it returns the
> >> second one.  I wonder how people are working around this?  Do you see
> >> your dyndns.com hostname in your iptables?  Thanks.
> >
> > You did not complain about a non-working firewall.
> >
> > Is your firewall working?
> 
> I am actually replying to the previous message since I missed it 
> originally.
> 
> What you are seeing is the result of the reverse DNS.  This is handled 
> by your ISP (i.e. the IP owner) and NOT by dyndns.  The only one that 
> can control it is the IP owner (your ISP) and since they are unlikely 
> to change it to resolve to your dyndns hostname, there is nothing much 
> you can do.  But you should not have a problem with your firewall 
> because of that.
> 
> BTW, the name is not used by iptables.  --list by default attempts to 
> translate the IP to a hostname but if you run
> 
> iptables --list -n
> 
> you will see the IP numbers instead.
> 
> Avi
> 

Thanks Avi, that helps!  BUT if the firewall is using ip numbers then it
seems like I'm back to square one:

(1) I run guarddog and populate iptables.
(2) I run /etc/init.d/iptables save, to save the state.
(3) When my machine boots up it uses iptables-restore to restore the
state.

So as I was saying (or trying to say) in my original post, when my ip
number changes daily via DHCP then it's impossible to use my machine as
a server.  I.e. I can no longer ssh in because the rule restored from
iptables-restore is using an old ip number.

Certainly I shouldn't have to rerun guarddog and resave the state every
time my address changes?  I must be doing something wrong, or there must
be a way around this.  Thanks.

		
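The situation described in the message above (a ruleset saved while the host held one address, then restored after DHCP has handed out another) can be checked for mechanically. This is an added example, not part of the thread or of Guarddog: the dump is constructed, its rule layout is an assumption, and 68.126.3.17 is a made-up new lease.

```shell
#!/bin/sh
# Constructed sample of an iptables-save dump, taken while the host's
# address was 68.126.0.201 (the address quoted in the thread).
# The rule layout is an assumption, not Guarddog's actual output.
sample_dump() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -d 68.126.0.201 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -d 255.255.255.255 -p udp -m udp --dport 67 -j ACCEPT
-A OUTPUT -s 68.126.0.201 -j ACCEPT
COMMIT
EOF
}

# stale_rules CURRENT_IP
# Reads an iptables-save dump on stdin and prints every rule whose
# -s/-d host address is not CURRENT_IP, loopback, or broadcast.
# Such rules were written for an address the machine no longer has.
stale_rules() {
    awk -v cur="$1" '
    /^-A / {
        for (i = 1; i < NF; i++) {
            if ($i != "-s" && $i != "-d") continue
            addr = $(i + 1)
            sub(/\/32$/, "", addr)        # newer dumps write hosts as /32
            if (addr ~ /\//) continue      # network ranges are not host-pinned
            if (addr == cur || addr ~ /^127\./ || addr == "255.255.255.255")
                continue
            print
            next
        }
    }'
}

# count_stale CURRENT_IP: number of stale rules in the dump on stdin.
count_stale() { stale_rules "$1" | wc -l | tr -d ' '; }

# Stand-alone use: the dump checked against the made-up new lease.
sample_dump | stale_rules 68.126.3.17
```

On a live system the dump would come from `iptables-save` and the current address from the interface, instead of the constructed values used here.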
Simon Edwards | 15 Jul 2004 08:37

Re: guarddog uses ip number instead of name?

On Thursday 15 July 2004 08:19, * wrote:
> Thanks Avi, that helps!  BUT if the firewall is using ip numbers then it
> seems like I'm back to square one:
> 
> (1) I run guarddog and populate iptables.
> (2) I run /etc/init.d/iptables save, to save the state.
> (3) When my machine boots up it uses iptables-restore to restore the
> state.

Do not use "iptables save/restore". Read the README file in the tarball to 
make sure that Guarddog is correctly installed.

cheers,

-- 
Simon Edwards             | Guarddog Firewall
simon <at> simonzone.com       | http://www.simonzone.com/software/
Nijmegen, The Netherlands | "ZooTV? You made the right choice."

Conte Piero | 15 Jul 2004 11:20

Fedora Core 2 Guarddog Guidedog

Good morning,

I have a problem with Fedora Core 2 Guarddog Guidedog.

I have downloaded Guarddog for FC1 and I get an error on FC2 when I try to
disable the firewall:

line 15: syntax error near unexpected token `then"
line 15: `  if [ $KERNEL_VERSION == "2.6" ]; then"

I cannot find Guidedog for Fedora Core 2.

Thanks

Piero
