Hello,

Zenwalk keeps getting better. Small problem and advice needed.

It appears after a recent netpkg update / nvidia install, I have lost my firewall. When I try to start netfilter, it states IPtables not compatible (maybe need insmod)

When I try to modprobe ip_tables, still recieve errors. I have reinstalled netpkg iptables but still no luck.

I would assume something has gone wrong with the new kernel and IP tables/netfilter but don't know where to begin.

My question is - How can I start from scratch with just that portion?? I want to reinstall and start IP tables (rc.netfilter). Am I missing a module that needs to be loaded?

The advice I need is this - My computer was left on, live to the internet. for a day without (I think) any firewall running. I checked the messages and didn't see any login attempts (I disabled root login) but obviously I feel I have left the machine vulnerable. Is this true?? Is there something I can test to ensure someone didn't compromise my machine?? Perhaps a rootkit checker??

Furthermore, if the firewall wasn't running, is Zenwalk still pretty secure? I know I need a firewall running, but what I'm contemplating is, even without one and assuming they don't know my password, can a hacker still get in??

This is awesome!!

Joseph

You sound like a way too big portion of redmont-paranoia .. this is linux and as long as you are not running a bunch of servers on your machine it is never as open as those M$ boxes .. relax .. just make sure you are only running the services you need and trace down the iptables problem .. if it helps your paranoia you can check for rootkits using chkrootkit and you can use tripwire or snort for intrusion detection - on desktop machines usually these things are not needed though. A real skilled cracker (hackers are actually the good ones) will still be able to find a way into your box - but then - what should a real skilled cracker be motivated by.

I agree I'm a concerned and have tightened up many of the services. However, the IPtables is still broke.

I also should point out that if you watch your messages log, you'll see Asia constantly try to gain access, so someone is motivated to do something. Probably just send SPAM but their attempting.

Ultimately, do you feel Zenwalk's install is secure?

Not only the asians are trying - I get attempts from all over the place - but mostly just script-kiddie stuff - so if you are not running a web-server, ftp-server or ssh-server, you do not give most of those possible intruders much of a chance at all.

If you feel better using a firewall try firestarter - there should be zenwalk packages around - or even better - secure your LAN using a dedicated firewall box - there are _very_ nice and free implementations around depending on what else you desire apart from a firewall - fli4l e.g. even runs a whole system in RAM only - you don't even need a hard disk and just a piece of old hardware.

A zenwalk install is just as secure as any other linux desktop install - most of the time the guy in front of the install is the risk just see that you do what you feel is neccessary, learn about linux security, keep your wit and - probably most important - don't let those paranoia get you but rather use them for the expansion of your knowledge.