  1. #1

    help in iptables 1.4

    welcome guys

    I'm using iptables 1.2.x with CentOS 4.6.
    After a long time I decided to update to 1.4.x to have more security ... blah

    The README file says I must follow these steps:

    make KERNEL_DIR=XXXXXXXXXXX
    make install KERNEL_DIR=XXXXXXXXXXXXX
    But my problem is I don't know what KERNEL_DIR means.
    I used:

    /boot
    /usr/src/kernel
    /usr/src/redhat/kernel-*/
    but the installation failed.
    What is the correct KERNEL_DIR?

    Thanks

    Dr.Wahb

  2. #2
    Join Date
    Jan 2005
    Location
    Scotland, UK
    Posts
    2,549
    You should not compile iptables outside of the CentOS RPM. I fail to see what more "security" you are wanting and given the fact you don't understand how to compile it, I have to strongly advise against it for you.

    If you really think you want to compile it manually then you are going to need the kernel-debuginfo rpm for your kernel.

  3. #3
    Thanks
    I don't know if I can find the RPM of iptables 1.4 for CentOS 4.x.

    I will search in Google.

  4. #4
    I will explain what this security matter is!
    Firewalls use iptables to work and to be loaded in the kernel processes.
    Some hackers can stop the firewall and disable it.
    This issue can be from the firewall version, maybe it is old and has some exploits,
    or
    the iptables is old and has some exploits, so when the hacker stops iptables the firewall will be stopped!

    I found this:
    http://rpm.pbone.net/index.php3/stat....4.0-5.src.rpm
    and
    http://rpm.pbone.net/index.php3/stat....i586.rpm.html

    but I don't understand this "i586"!

  5. #5
    Please, any help?

  6. #6
    Join Date
    Dec 2002
    Location
    chica go go
    Posts
    11,858
    I don't think you know what you're doing, and you're probably going to break a lot of things when you try making this change.

  7. #7
    Join Date
    Aug 2007
    Location
    Greece
    Posts
    390
    Originally Posted by LayeredSoft:
    I will explain what this security matter is!
    Firewalls use iptables to work and to be loaded in the kernel processes.
    Some hackers can stop the firewall and disable it.
    This issue can be from the firewall version, maybe it is old and has some exploits,
    or
    the iptables is old and has some exploits, so when the hacker stops iptables the firewall will be stopped!

    I found this:
    http://rpm.pbone.net/index.php3/stat....4.0-5.src.rpm
    and
    http://rpm.pbone.net/index.php3/stat....i586.rpm.html

    but I don't understand this "i586"!

    If someone can stop the iptables module, then simply upgrading to 1.4 won't do any good. As far as I know, only root can stop iptables. If you have a root-level compromise, you are looking at an OS reload.
    Iptables 1.2, well configured, is safe and not a security risk.
    You will have to audit the server and find the holes (if any) that let the hackers in.

  8. #8
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,202
    Go with a higher kernel and lower iptables.

    PM me if you need further assistance.

  9. #9
    Join Date
    Jan 2005
    Location
    Scotland, UK
    Posts
    2,549
    Originally Posted by LoganNZ:
    Go with a higher kernel and lower iptables.

    PM me if you need further assistance.

    Huh?

    ####

    As for the OP, you are looking in the wrong area totally and you totally misunderstood my initial post.

    You should not be trying to recompile iptables as you first do not even understand what it is, you do not understand how it compiles and you are doing it for the wrong reasons entirely.

  10. #10
    Thanks, Scott.Mc.
    LoganNZ, I don't understand what you mean by:
    Go with a higher kernel and lower iptables.
