beldon on Wed, 24 May 2000 11:37:19 -0400 (EDT)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Security/Firewall question


> On Wed, May 24, 2000 at 02:33:01PM +0000, beldon@scamail.com wrote:
> > Hi there.
> > 
> > I am just setting up a firewall for my DSL connection.  Now, I don't have 
the
> > DSL yet, so in the meantime I'm using the dialup from the firewall.  It 
seemed
> > to be working well until today.  I looked in linuxconf and saw that the
> > DNS Server addresses had been changed somehow.  I thought I had perhaps 
changed
> > them accidentally, so I changed them back to what they should have been, and
> > dialed in again.  When I went back in again, it had changed back to the 
wrong
> > addresses again.My question(s) is (are):
> > 
> > 1. Is there a file that overrides the DNS settings in linuxconf?
> > 2. Is there some normal ppp logging in process that can legitimately re-set
> > these values?
> > 3. Have I been hacked already?  (Only got the thing to work two days ago)
> > Any advice would be appreciated.Thanx! - Tony (new to all this networking 
stuff)
> 
> How is your network set up? Typically ppp connections use bootp or
> dhcp, either of which would reset your NS and IP. This is normal.
> 
> I don't remember how to check if you're using bootp or dhcp.
> 
> -- 
>  Jeff Abrahamson
>  610/270-4845
>  abrahj01@molbio.sbphrd.com
> 
>  (home email is jeff_abrahamson@purple.com)
> 
> ______________________________________________________________________
> Philadelphia Linux Users Group       -       http://plug.nothinbut.net
> Announcements - http://lists.nothinbut.net/mail/listinfo/plug-announce
> General Discussion   -   http://lists.nothinbut.net/mail/listinfo/plug

Oh.  I'm using DHCP.  I had no idea it would also change the DNS entries.  I 
thought it was just for the IP address.  I just (understandably) get nervous 
when a system file (resolv.conf) gets rewritten by something outside my 
firewall, especially as I'm very aware how little I currently know about 
networking in general and firewalling in particular.  But I'm learning.

BTW, I highly reccommend the book "Building Linux and OpenBSD Firewalls" by 
Sonnenreich and Yates.  Once I get my OpenBSD CDs, I'll be installing a 
firewall on that (drive drawers rock!) to compare and contrast the 
experiences.  If anyone's interested, I can post what I find.



______________________________________________________________________
Philadelphia Linux Users Group       -       http://plug.nothinbut.net
Announcements - http://lists.nothinbut.net/mail/listinfo/plug-announce
General Discussion   -   http://lists.nothinbut.net/mail/listinfo/plug