Greetings,
I have DSL and use a cast-off 486/66 as a firewall. The
DSL I have down here in Stafford, VA is bridged, not routed
so I have a LOT of junk traffic.
I turned on detailed logging and in about 1 hour had 200K
in my /ver/log/messages. The others on the DSL were using
a lot of SMB (Windows) networking stuff, probably looking
for shares on unaware folks. This junk really messed
with my logging....
On the firewall, close all ports you don't need. Run
port sentry (at least on a few ports that you have closed,
like the "r" ports). Check your logs and the result of
portsentry every day or two. Read some security
howtos and docs such as those at http://www.linuxstart.com.
I also have a problem with my DSL just "going away". I
have a static IP and a server running 24/7 (except when
my 6 year old turns it off -- http://www.gatorlinux.com).
I tried accessing it the day after I put it online and
could not. All it took was for my wife to try to visit
a site from home, then I could remotely access the site.
The solution to this was to have a script to do a ping
every x seconds (10 or so) to my provider's mail server.
(Any host would do, but I wanted to keep the traffic
local to the ISP.)
People are scanning dialup hosts as well. A year or so
ago, someone tried several times to use my laptop as
a mail relay, but the RedHat supplied config denied it
and logged it (I think I posted to the RedHat list
at the time).
At least with Linux we have control over what is
available on our hosts and have visibility into our
systems. We have good logs and programs like rpm, tripwire,
and port sentry to try to keep our systems safe. We
also are much less likely to get hammered by a virus
or by "active" email (melissa). Browsing with
Windows, IE, and Active X is like finding someone on
the street and having unprotected sex with them!
Cheers,
--
W. Wade, Hampton <[EMAIL PROTECTED]>
Support: Linux Knowledge Base Organization http://linuxkb.org/
Linux is stability, performance, flexibility, and overall very fun!
The difference between `Unstable' and `Usable' is only two characters:
NT
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
