At 07:27 PM 3/14/02 -0500, Joseph Parente wrote: > I attended my first meeting the other night and > thought it was great.
Glad to hear that. Look forward to meeting you at the next meeting. (I was not able to come for the March meeting.) > Perhaps it's a little presumptuous of me to suggest > an agenda for the next meeting, but I'm interested > in fire walls and security and I thought that would > be a good subject for a discussion. Not presumptuous to suggest a meeting topic. Firewalls and security is very large topic. Perhaps breaking it into smaller chunks like iptables for one session, another aspect for another session. Somewhere, we could look at Bastille Linux security enhancement script. There are also prepackage Linux based firewalls like SmoothWall which could be demoed. If we had a "hack-me" PC available, preferably not somebody regular use system, we could try the scripts with Nessus and some recent exploits from SecurityFocus.com. > Than we could come up with an "official" HamLUG fire wall > script, one that could be configured for single machine, > router or what have you. That's a tall order. Perhaps better to have two or three scripts according to people's needs. A paranoid penguin one that extensively blocks everything, a middle level, a Web server one, etc. One thing about firewalls: they are a part of a comprehensive security process, not an end all. There are ways to get through firewalls. Linux, fortunately, does give a significant edge over Windows but there are some ways that linux systems with firewalls can get hacked, cracked, and wacked. Good sense in configuration and use of some other tools such as Snort and/or Tripwire can help. J.D. Abolins
