How can I tell if my firewall services are running. I am used to using iptables as a heavy red hat user. Suse firewall is a little bit of a learning curve for me. According to my system services in yast my firewall services are not running?
SuSEfirewall2_init running NO
SuSEfirewall2_setup running NO
Well, I have a fresh install of OpenSuSE 11.1 and it seems to me that the firewall is NOT running by default. I’ve run all the updates and upgraded to KDE 4.3, none of which should have switched the firewall off. I’ve just gone in to check if the firewall is running, and it’s not. I never touched it though! Weirdly, though, if I run some internet based “is your firewall working” page, it seems to think it is. But YaST certainly thinks it isn’t.
Firewall is NOT running
Start Firewall now.
Stop Firewall greyed out.
The only thing that I might have done that might have been unusual is I had to separately configure the network card as YaST didn’t seem to pick it up automatically like it usually does. Maybe when you configure the network card manually it doesn’t start the firewall? Bit silly if you ask me.
> palladium;2053354 Wrote:
>> caf4926 wrote:
>>> Someone switched it off. It’s ON by default.
>> and, if you didn’t turn it off then THAT is the reason i suggested (a
>> week ago) you hunt for the root kit that did/might have…
> This occurred to me also but that would just lead to a discussion like:
> Have you logged in as root?..
> rkhunter will do the job on rootkits
I never install any of those.
One should not think too highly about rkhunter and other such scripts.
They are basically useless, that has been discussed a lot during years.
All you get is false positives and false feeling of security.
Don’t trust them. Use them if you like, rather not.
Quickly looking for reference to back up my statement I only came across
this old thread from alt.os.linux.suse, but there’s a lot more if you
Well, I downloaded Opensuse from the website, verified its checksum, and installed it. Then ran the updates. So you’re suggesting the repositories install a rootkit that disable the firewall? If that’s the case, I’m very worried, and maybe we should all abandon OpenSuSE, as they’re doing something very nasty. I’m hoping it happened when I set up the network.
How else could a rootkit get on my computer? How should I find it?