Well I figured out how to get a Samba connection but its not Ideal. The Firewall script is a deny all by default and then drops all spoofed IP's (lan and wan). So the only way it works is to drop the firewall make the connection and restart the firewall. Since it's established and related it is allowed to continue. This actually works fine for my virtual machine but is going to be a hassel when my kids need to print from their stations.
What kind of firewall systems are some of you using and how are you developing them ?
If one of our resident nix experts knows how I should build this connection into the firewall please jump in.
Thanks Littleman, I just took a quick look at gaurddog and it looks the best of GUI's I have seen. After being hacked by a "ultageek" and reading as much security stuff as I have time for.I am trying to be overly cautious.
The linux system can be very secure. What I have learned is that if a true hacker finds your box, its like discovering gold or diamonds. The stuff that can be done undetected because of our true multi tasking OS will make him probe harder and longer to find the door to take control.
So the firewall needs to limit access but almost as important if he gets user access it should help keep him jailed.
I am just tring to understand the iptables rules to the point that I can limit access to certain ports on remote machines to certain users and IP's and drop everyone else.
I am even wondering if it's possible to ssh a box using a spoofed IP and have the firewall rules only accept that spoofed IP and drop everone else. Be able to open ports and be in a stealth mode to the most stingent port scans.
Maybe I am dreaming, don't know yet I havent learned enough.
Still would like to hear some thoughts from the "ultrageeks"