Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

FreeBSD Filtering Bridge to block NETBIOS over TCP Traffic

Posted on 2005-04-26
6
Medium Priority
?
604 Views
Last Modified: 2013-11-22
I already have a functional FreeBSD 5.3 Bridge with an open firewall (ipfw) enabled.

What rules need to go in the /etc/rc.firewall.local file to allow everything through (both ways) except for NETBIOS traffic.

Do I put in "add all from any to any" at the bottom and work my way up from thier?
0
Comment
Question by:tuaris
  • 3
  • 2
6 Comments
 
LVL 1

Author Comment

by:tuaris
ID: 13872434
Also, how do I make "tcpdump" startup automaticly on boot and display on screen without logging in as anyone?
0
 
LVL 3

Accepted Solution

by:
veaceslavz earned 100 total points
ID: 13875283
ipfw add 1000 deny tcp from any to any 135-139
ipfw add 2000 deny udp from any to any 135-139
ipfw add 60000 allow ip from any to any


>>>Also, how do I make "tcpdump" startup automaticly on boot and display on screen without logging in as anyone?

It is NOT recommended! If you need to view trafic you can use trafshow, most lukely.
Although you can try the following:
put the line
/usr/sbin/tcpdump -i rl0 > /dev/console
in /etc/rc.local, if it not exist create it. After reboot it will do this. rl0 - is the interface which you need.


0
 
LVL 1

Author Comment

by:tuaris
ID: 13879773
How come it's not recomended to have tcpdumd start automaticly?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 3

Expert Comment

by:veaceslavz
ID: 13880698
Depending on your version of Unix and it's configuration tcpdump put the interface in promiscuous mode and runned under super-user mode which is unsecured. In most versions of Unix, like IRIX, HP-UX, Solaris it must be installed and runed by root :(. For BSD you must have super-user read permisions on  /dev/bpf* (avialable for Mac-OS too).
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 100 total points
ID: 13881182
445/tcp
43/udp

> Also, how do I make "tcpdump" startup automaticly on boot and display on screen without logging in as anyone?
add it to /etc/ttys ( not good )
0
 
LVL 1

Author Comment

by:tuaris
ID: 13901312
Works great thank you both.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Suggested Courses
Course of the Month11 days, 8 hours left to enroll

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question