First of all, thanks to everyone who shared their opinions on working as
root. I've printed out a bunch of messages and will be digesting them as
time allows. For those who wondered why I need to be root so often, it's
because I'm still very much involved in getting the system set up,
installing programs, etc., and it seems I have to be root in order to do
a lot of what needs to be done. Once the system is complete and has a
chance to settle, I can handle working as user. But for now, it is very
inconvenient.
My priorities now are first, to firm up my Internet security; second, to
get my Type 1 fonts working and available to applications; third, to
figure out what's going on with the printers.
Today I worked on Internet security. I tried some of the things
suggested and frankly, I don't have a clue. I don't understand the
directions, I can't find some of the things suggested, I can't deal with
scripts, I don't have six months to take a course.<g> I read the How
To's on network security and firewalls and they descended into geekspeak
much too fast and far too deeply and I was lost.
Remember, I'm your test case--the Windows user who wants to say good-bye
to Microsoft but does not want to and will not become a command
line/console sort of gal. Mandrake 8 claims to have me in mind.<g>
Since I was stumped by the console approach, here's what I did in
desperation to get my ports closed on the Internet. I ran draksec as
root from a command line and when it came up, I set my security to
Medium. I also ran BastilleChooser and picked the Medium level, no
server option. Then I went on the Web and back to grc.com and
sdesign.com to test my ports. At grc.com all my ports were closed, which
was an improvement from when I tested before and my SMTP port was
reported open. I turned off some startup process or whatever it's called
that had something to do with mail transport. So okay, some progress. At
sdesign.com I had fewer ports open than I did before, but I'm still
seeing open ports at 631 (tcp) and 6000 (tcp X11).
I got the same results whether I went online as root or as user.
How can I get those ports closed? Clear directions much appreciated! If
you tell me exactly where to look and what to edit, I can do it, but I
can't figure it out on my own.
I tried to run the interactive Bastille but I didn't understand the
options and the explanations were much too sketchy. I don't like to make
decisions like that when I don't understand what I'm doing. So I ran
BastilleChooser instead and figure it's better than nothing. Why isn't
Bastille on medium security closing all my ports?
Thanks very much for any help you can give.
--Judy Miner
