Re: Linux network security poll
Zach:
> I need to get serious about security since I will be soon connected to the net almost 24x7 (barring a power outage etc.) so I was wondering if list members could explain their security setup (network configuration, DMZ, firewalls, IDS, logging, etc.).

I just have a router between the internet and my clients. It forwards two or three ports to another machine (SSH, http, ...) and otherwise is busy NATting. That's it.

> Also what would you recommend for someone like me who is still on an entry level in terms of my understanding of Linux and network security and what would you recommend for later on down the road once I get more sophisticated?

The most important thing for you is to get a basic knowledge about TCP/IP and the theory behind it (ISO/OSI model). If you have that, the rest is just about picking the tool you want to use. It probably never hurts to learn how to use iptables directly before you start using frontends for it.

J.
--
In an ideal world I would cure poverty and go to the gym at least three days a week.
[Agree] [Disagree]
http://www.slowlydownward.com/NODATA/data_enter2.html

Re: Linux network security poll
re security

http://www.debian-administration.org/articles/455
http://www.linuxsecurity.com/resource_files/host_security/securing-debian-howto/apA.en.htm

Play with firestarter. It will help you learn about iptables. For more info google on securing debian; or if you want to really get serious, hardening debian.

RD

Linux network security poll
I need to get serious about security since I will be soon connected to the net almost 24x7 (barring a power outage etc.) so I was wondering if list members could explain their security setup (network configuration, DMZ, firewalls, IDS, logging, etc.).

Also what would you recommend for someone like me who is still on an entry level in terms of my understanding of Linux and network security and what would you recommend for later on down the road once I get more sophisticated?

I run Debian lenny with a 2.6.18 kernel. I will be getting ADSL next week and plan on having a DSL modem/router doing NAT. I only have one machine now but plan on adding another one within the next 3 months or so.

Zach

Re: Linux network security poll
On 02/09/08 16:18, Zach wrote:
> I need to get serious about security since I will be soon connected to the net almost 24x7 (barring a power outage etc.) so I was wondering if list members could explain their security setup (network configuration, DMZ, firewalls, IDS, logging, etc.).
>
> Also what would you recommend for someone like me who is still on an entry level in terms of my understanding of Linux and network security and what would you recommend for later on down the road once I get more sophisticated?
>
> I run Debian lenny with a 2.6.18 kernel. I will be getting ADSL next week and plan on having a DSL modem/router doing NAT. I only have one machine now but plan on adding another one within the next 3 months or so.

The modem/router *should* be all the firewall you need.

I, however, like having a plain no-security non-router cable modem. That way, I get to choose what kind of hardware to use as router firewall.

--
Ron Johnson, Jr.
Jefferson LA USA

PETA - People Eating Tasty Animals

Re: Linux network security poll
On Sat, Feb 09, 2008 at 05:18:09PM -0500, Zach wrote:
> I need to get serious about security since I will be soon connected to the net almost 24x7 (barring a power outage etc.) so I was wondering if list members could explain their security setup (network configuration, DMZ, firewalls, IDS, logging, etc.).
>
> Also what would you recommend for someone like me who is still on an entry level in terms of my understanding of Linux and network security and what would you recommend for later on down the road once I get more sophisticated?
>
> I run Debian lenny with a 2.6.18 kernel. I will be getting ADSL next week and plan on having a DSL modem/router doing NAT. I only have one machine now but plan on adding another one within the next 3 months or so.

It all depends on what you intend to do. If it's just your home box that will be connected all the time now, and you're not offering services on the internet, then it's pretty straightforward and should be no different to what you are doing now.

If you do need a DMZ, then read the shorewall-doc package; even if you're not going to use shorewall, it's a good document.

Close all ports and only open those ports you need, in all directions, as default.

Have only those daemons listening which you need to be listening and only on the interfaces you need. I.e. if you don't intend to ssh into your box from the internet, you can tell sshd exactly what interfaces to listen to (and don't tell it the one for the internet).

Based on other threads I've read recently, it's not obvious that you should have separate NICs for the internet and your internal network. You do. NICs are cheap. If you only add a second box, you can use a cross-over cable and don't need a switch. If you add any other network device, get a Linksys 5 port switch for $10 or whatever.

Run ntpd to keep the system time synced. Your firewall box will hopefully end up stratum 3. Your other boxes can watch the firewall and be stratum 4.

Doug.
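
Added example (not part of the original thread): one way to check Doug's advice that daemons listen only on the interfaces they need is to audit `ss -tlnH` output against a per-port exposure policy. The sample output, the 192.168.1.0/24 LAN range and the policy table below are constructed assumptions.

```python
import ipaddress

# Constructed sample of `ss -tlnH` output from a hypothetical firewall box.
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 50 192.168.1.1:53 0.0.0.0:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 511 *:80 *:*
LISTEN 0 100 192.168.1.1%eth1:25 0.0.0.0:*
"""

INTERNAL_NET = ipaddress.ip_network("192.168.1.0/24")  # assumed LAN range

# Assumed policy: port -> widest exposure that listener may have.
POLICY = {22: "internal", 53: "internal", 631: "loopback", 80: "any"}
RANK = {"loopback": 0, "internal": 1, "any": 2}


def exposure(addr):
    """Classify a bind address as 'loopback', 'internal' or 'any'."""
    addr = addr.split("%")[0].strip("[]")  # drop %iface suffix and IPv6 brackets
    if addr in ("*", "0.0.0.0", "::"):
        return "any"  # wildcard bind: reachable on every interface
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback:
        return "loopback"
    if ip in INTERNAL_NET:
        return "internal"
    return "any"  # any other address is treated as reachable beyond the LAN


def audit(ss_text, policy=POLICY):
    """Return (addr, port, problem) for each listener wider than policy allows."""
    findings = []
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        port = int(port)
        allowed = policy.get(port)
        if allowed is None:
            findings.append((addr, port, "not in policy"))
        elif RANK[exposure(addr)] > RANK[allowed]:
            findings.append(
                (addr, port, f"bound to {exposure(addr)}, policy allows {allowed}"))
    return findings


if __name__ == "__main__":
    for addr, port, problem in audit(SAMPLE_SS):
        print(f"{addr}:{port}: {problem}")
```

On a live box, the text passed to `audit()` would come from running `ss -tlnH`; the sshd listeners on `0.0.0.0` and `[::]` in the sample are the case Doug describes, where sshd was not told which interface to bind to.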