APF + BFD + DDOS + Rootkit
- Thread starter powerdomein
- Start date
NP there, but if you reboot wont it just start the firewall again?.
Maybe a pre cofig for the ports that need to be open.....
Perhaps the author will shed some input.
If you run kiss from the command line, it won't start automatically after reboot. In order to start it automatically, you have to put it into /etc/rc.d/init.d/ and enable for required runlevels with chkconfig.
I am not sure what install script you are talking about, but chown command expects 2 arguments: user name (optionally followed by semicolon and groupname) and the file name.
It looks like the 2nd argument is missing in your install script.
AndyII
Verified User
- Joined
- Oct 3, 2006
- Messages
- 566
this is the KISS firewall listed here, so what you are saying is the command didnt include the file name?, instructions were as:
cd /usr/bin/
wget http://www.web4host.net/tools/kiss
chmod 700 kiss
chown root:root
should it have been?
chown root:root kiss
cd /usr/bin/
wget http://www.web4host.net/tools/kiss
chmod 700 kiss
chown root:root
should it have been?
chown root:root kiss
Last edited:
that's right
It depends on what userid you were running wget command under.
As you are supposed to run this as root anyway, nothing would happend most probably, it's just a matter of good practice to set permissions and ownership explicitly.
Last edited:
Thanks to all for the help, one of the many reasons I prefer DA over the others...
there are no "logs" to this, are there? nice to be able to see what work it is doing....
I believe by default it will log martians addresses, you can add more log rules as you find appropriate. Not sure what you mean by "to be able to see what work it is doing", though. Type
Code:
iptables -L
nobaloney
NoBaloney Internet Svcs - In Memoriam †
KISS doesn't log. APF+BFD does log, and even send emails, but some people think it overlogs.
Jeff
nobaloney
NoBaloney Internet Svcs - In Memoriam †
AndyII
Verified User
- Joined
- Oct 3, 2006
- Messages
- 566
urgent
urgent, anyone know How do we limit the http connections per IP, or a way to stop flooding?
perhaps KISS doesn't have this capability?, Please point me in the correct path, please?.....
Andy
urgent, anyone know How do we limit the http connections per IP, or a way to stop flooding?
perhaps KISS doesn't have this capability?, Please point me in the correct path, please?.....
Andy
AndyII
Verified User
- Joined
- Oct 3, 2006
- Messages
- 566
mod_limitipconn
ok, thanks, can you elaborate on how to use?, searching Google seems to point to ftp, Im not using Apache 2.
where is this invoked?, in the http config....
any help is appreciated
One quick question. When I set sshd so root can't login, it works fine. But when I use my user login and su and try to type apf, bfd, ddos it says "bash: command not found". Is that suppose to happen. Do I have to actually ssh in as root. I disabled that for a reason?
Thanks
Thanks
nobaloney
NoBaloney Internet Svcs - In Memoriam †
No, you don't have to log in as root.
But when you log in as admin and/or some other username, you've got your paths and settings for your username, not for root. When you use su you still have your paths and settings, so you don't know where anything usable only by root is found.
Instead of su use su - (note the space and then the - character)
Then you'll have a new root login and everything will work.
Jeff
But when you log in as admin and/or some other username, you've got your paths and settings for your username, not for root. When you use su you still have your paths and settings, so you don't know where anything usable only by root is found.
Instead of su use su - (note the space and then the - character)
Then you'll have a new root login and everything will work.
Jeff
AndyII
Verified User
- Joined
- Oct 3, 2006
- Messages
- 566