Thanks Littleman,
I just took a quick look at gaurddog and it looks the best of GUI's I have seen. After being hacked by a "ultageek" and reading as much security stuff as I have time for.I am trying to be overly cautious. The linux system can be very secure. What I have learned is that if a true hacker finds your box, its like discovering gold or diamonds. The stuff that can be done undetected because of our true multi tasking OS will make him probe harder and longer to find the door to take control.
So the firewall needs to limit access but almost as important if he gets user access it should help keep him jailed.
I am just tring to understand the iptables rules to the point that I can limit access to certain ports on remote machines to certain users and IP's and drop everyone else.
I am even wondering if it's possible to ssh a box using a spoofed IP and have the firewall rules only accept that spoofed IP and drop everone else. Be able to open ports and be in a stealth mode to the most stingent port scans.
Maybe I am dreaming, don't know yet I havent learned enough.
Still would like to hear some thoughts from the "ultrageeks"
