IPChains woes
Ace69
07-07-2001, 11:41 PM
I am trying to get the hang of IPChains, but, frankly, it is kicking my ***.
I set the default policy for input to deny and leave it at that because I am not running any services at this point. I can't go anywhere at this point! I go in and try and open up port 80 to see if that would make a difference, but nope.
Am I doing something wrong?
Rob 'Feztaa' Park
07-08-2001, 03:13 AM
Yeah, the problem is, you're completely killing any chance of having any information enter your computer. (as in, you can't download anything, no computer can interact with you in any way whatsoever)
I'm not familiar with ipchains, I only know about iptables.
What you want to do, though, is disable (DROP, DENY, whatever) all incoming SYN packets, but leave the INPUT chain to ACCEPT.
There is an NHF on this, I'm sure. I don't know if it covers ipchains though, might just be iptables.
IPChains can get quite confusing but there is a nice howto here: http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html
I would recommend that you get the latest 2.4 kernel and start using iptables. Iptables is the new firewalling code in Linux kernels. Ipchains is still supported but usually with modules. Only problem is it's hard to find howtos about iptables just yet.
Rob 'Feztaa' Park
07-08-2001, 02:46 PM
http://www.linuxnewbie.org/nhf/intel/network/ipchains.html
There's an ipchains NHF...
http://www.linuxnewbie.org/nhf/intel/security/iptables_basics.html
And an iptables NHF... :)
Ace69
07-09-2001, 05:57 PM
The reason that I wanted it on DENY is because I just wanted to deny all incoming packets, and just accept the individual ones that I wanted. I will try to block all incoming SYN packets and put the INPUT back on ACCEPT. I haven't tried that yet. I hope it works. *crosses fingers*
td, thanks for that link. It is very informative. I might just have to print that one out. :)
[ 09 July 2001: Message edited by: Ace69 ]
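The following is an added example, not part of the original thread and not ipchains code: a small Python model of a stateless, first-match input filter, showing why the rule sets discussed above behave as they do for TCP. The packet fields, port numbers and rule-set names are constructed for illustration, and "SYN" is simplified to "SYN set, ACK clear". The last rule set goes beyond the thread by keeping a DENY policy while accepting non-SYN packets.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    """Constructed inbound TCP packet; only the fields the rules inspect."""
    sport: int
    dport: int
    syn: bool
    ack: bool

@dataclass(frozen=True)
class Rule:
    target: str                      # "ACCEPT" or "DENY"
    dport: Optional[int] = None      # None matches any destination port
    syn_only: Optional[bool] = None  # True: connection-opening SYN; False: anything else

    def matches(self, p):
        if self.dport is not None and p.dport != self.dport:
            return False
        if self.syn_only is not None and (p.syn and not p.ack) != self.syn_only:
            return False
        return True

def verdict(policy, rules, packet):
    """Stateless filtering: the first matching rule decides, else the chain policy."""
    for r in rules:
        if r.matches(packet):
            return r.target
    return policy

# Constructed traffic: the local host browses to a web server (remote port 80,
# local ephemeral port 34567), and a remote host tries to connect to local port 22.
WEB_REPLY = Packet(sport=80, dport=34567, syn=True, ack=True)   # SYN/ACK answering our SYN
WEB_DATA = Packet(sport=80, dport=34567, syn=False, ack=True)   # page content
INBOUND_CONNECT = Packet(sport=40000, dport=22, syn=True, ack=False)

RULESETS = {
    "policy DENY, no rules": ("DENY", []),
    "policy DENY, accept dport 80": ("DENY", [Rule("ACCEPT", dport=80)]),
    "policy ACCEPT, deny SYN": ("ACCEPT", [Rule("DENY", syn_only=True)]),
    "policy DENY, accept non-SYN": ("DENY", [Rule("ACCEPT", syn_only=False)]),
}

def evaluate(name):
    """Return verdicts for (web reply, web data, inbound connection attempt)."""
    policy, rules = RULESETS[name]
    return tuple(verdict(policy, rules, p) for p in (WEB_REPLY, WEB_DATA, INBOUND_CONNECT))

if __name__ == "__main__":
    for name in RULESETS:
        print(f"{name:30} reply/data/inbound = {evaluate(name)}")
```

Opening destination port 80 on input does not help a browsing client because the server's replies arrive from source port 80 to a local ephemeral port. The model covers TCP only; UDP traffic such as DNS replies has no SYN flag and needs its own rules.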