store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Fri Nov 28, 2014 9:13 pm

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 6 posts ] 
Author Message
 Post subject: ASL Tip of the week
Unread postPosted: Fri Aug 26, 2011 2:05 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3673
Location: Chantilly, VA
We here at Atomicorp love the command line, so we developed ASL to also be managable from the command line. Anything you can configure or access from the GUI, or can also do from the CLI. This can come in handy if you want to script something ASL does, if you just prefer the command line (like me) or if you ever run into a problem with the GUI.

The key to all of this is the command "asl". It can only be run by root, so if you want to do this make sure you are the root user.

To see what the ASL command line can do, run this command as root:

asl -h

And that will show you all the ASL command line switches.

So lets look at some of things you can do:

asl -ub 1.2.3.4

That lets you unblock an IP address.

asl -dr 12345 --vhost www.example.com

That lets you disable a rule for the vhost www.example.com

asl --reload-firewall

Reloads the ASL firewall rules.

asl -pc

This fixes permissions on ASL directories (in case something or someone has changed them, this will set them back to what they need to be).

And much more. So, if you ever need to do things from the command line with asl, run "asl -h" to see what you can do!

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
 
 Post subject: Re: ASL Tip of the week
Unread postPosted: Sat Aug 27, 2011 5:34 am 
Offline
Forum Regular
Forum Regular

Joined: Wed Jan 02, 2008 3:21 pm
Posts: 521
Location: United Kingdom
Nice tips, I'll take a look through those as I am more often at CLI than GUI.


Top
 Profile  
 
 Post subject: Re: ASL Tip of the week
Unread postPosted: Tue Oct 11, 2011 3:44 am 
Offline
Forum Regular
Forum Regular

Joined: Tue Dec 16, 2008 8:01 am
Posts: 369
Location: United Kingdom
Thanks Mike.

I like
asl -bl <IP>
as we often want to blacklist IPs from things going on on the reports. Interestingly, with with ASL 3 GUI when you get the detail of a security event, it shows the attacker's IP and has an option to "whitelist" but not an option to "blacklist". Can you add that easily? We'd love that.


Top
 Profile  
 
 Post subject: Re: ASL Tip of the week
Unread postPosted: Tue Oct 11, 2011 7:31 am 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7959
Location: earth
Sure thing, great idea


Top
 Profile  
 
 Post subject: Re: ASL Tip of the week
Unread postPosted: Thu Feb 09, 2012 1:14 pm 
Offline
Forum Regular
Forum Regular

Joined: Tue Dec 16, 2008 8:01 am
Posts: 369
Location: United Kingdom
Can we blacklist multiple IPs with asl -bl, separated with white space or commas or something else? That would be useful.


Top
 Profile  
 
 Post subject: Re: ASL Tip of the week
Unread postPosted: Thu Feb 09, 2012 3:32 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7959
Location: earth
You sure can, with a white space:
asl -bl 1.2.3.4 4.5.6.7 8.9.10.11


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 6 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group