mmiller

Forum Replies Created

Viewing 10 posts - 1 through 10 (of 10 total)
  • Author
    Posts
  • in reply to: Port Scan #47014
    mmiller
    Member

    the term “stealth ports” does not exist. You can drop traffic to ports via a -J DROP rule. If the ports where stealth then no one could connect to them. There other ticks you can use like a rule like this to cause a no route to host message


    -A INPUT -p icmp -m icmp --icmp-type 255 -j ACCEPT
    -A INPUT -p esp -j ACCEPT
    -A INPUT -p ah -j ACCEPT
    -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
    -A INPUT -j REJECT --reject-with icmp-host-prohibited

    Now Steve Gibson I.E. Gibson Research is not a very good resource. You might want to read a book on iptables and or read the documentation. Astaro is a good product but also requires lots of cpu horse power. ZeroShell works well on systems with lots of horse power but also works well on embedded systems as well. The drawbacks you speak of may be a limitation of your self vs ZeroShell.

    in reply to: OSPF / BGP #46972
    mmiller
    Member

    Fulvio,

    Would it be possible to switch to Quagga? GNU Zebra has not have a release since 2005 and is no longer being developed.

    Thanks

    in reply to: Port Scan #47012
    mmiller
    Member

    from a shell prompt on you’re zeroshell device. Can you run this comand?


    # iptables -L -n

    If you have any ip addresses you might want to obfuscate them.

    in reply to: scp server on Zeroshell #46894
    mmiller
    Member

    I understand the need for backing up the /Database directory. I see the software you are wanting to use works with Samba, SSH, RSH, NFS and rsync. Rsync would be a better choice because it will only copy data that is changed and or new. Why backup the same data day after day if nothing has changed. or Why transfer the files that have not changed. Rsync can also transfer files via a rsync stream. I would be more supportive of rsync due to the features it provides.

    in reply to: Bandwidth monitoring for each IP Connect to internet #46793
    mmiller
    Member

    Fulvio,

    I think it would be nice to have SNMP added into ZeroShell as well. Will this be a add-on package or be apart of the default release?

    Could you also include a Netflow/sFlow probe?
    nProbe, NDSAD ( another probe) or even ipt-netflow (iptables module)?

    http://www.ntop.org/nProbe.html <— may not be a good example.
    http://freshmeat.net/projects/ndsad/
    http://sourceforge.net/projects/ipt-netflow/ <— Might be the best choice due to it being a iptables module.

    Thanks.

    in reply to: commercial vpn client … #46885
    mmiller
    Member

    After looking at http://www.thegreenbow.com/vpn.html I would say yes, you can use that VPN client with ZeroShell. You are on your own for setup the client. That depends on how you configured the VPN settings for ZeroShell.

    in reply to: scp server on Zeroshell #46892
    mmiller
    Member

    I see a reason to run ssh on the Zeroshell box. I really don’t see a reason to run the ssh subsystem sftp-server. You should only have to use the sftp client to move files to and from your zeroshell box.

    in reply to: GPRS/EDGE/UMTS/HSDPA router with Zeroshell #46572
    mmiller
    Member

    It sounds like some of the 3G cards or 3G USB adapter drivers are built into the supplied ZeroShell Linux Kernel. I’m not at home so I’ve not looked yet. Does ZeroShell come with WVDial installed? Fulvio could you build a package that could be added on like Samba and DansGuardian? I think it would make is easier for people to configure 3G mobile data devices. These devices use a extended AT command set just like all modern mobile phones. In the United States because the mobile carriers ship phones with custom ( restricted ) firmware and device settings. You can’t always use your mobile phone for Internet access via USB. You can use use Bluetooth DUND. You may have to pay extra to have that turned on. I’m thinking of getting a 3G data card (MiniPCI Express Card) for use with the ALIX 6b2 as a portable hotspot using Zeroshell or OpenWRT.

    I guess that leads me to this question. Fulvio how receptive are you to kernel driver request?

    Thanks again Fulvio for ZeroShell.

    in reply to: DNS Patches #46889
    mmiller
    Member

    Fulvio,

    What Kernel are you providing with beta 11?

    Thanks,

    in reply to: Routing protocols #46478
    mmiller
    Member

    Quagga (http://www.quagga.net) might be a good choice for RIP, OSPF and BGP. I’ve been looking at wireless mesh networks and OLSR looks like a good candidate. I’m also looking at other wireless mesh protocols. I would like to see this as well in Zeroshell.

Viewing 10 posts - 1 through 10 (of 10 total)