If you're just a home user, doing your thing and cruising the net, you should be fine. If you are running servers/services or a company, your ip is more open to traffic and thats where you might want to impliment a better firewall and hardening solution.
On Mon, 21 Jan 2002 08:20:48 -0800 Andrew Blevins <[EMAIL PROTECTED]> wrote: > Question #1 Emphatically yes, an intruder could do alot more than just > deface your site. Go to Google, and search for unicode vulnerability (if you > run IIS). This is just one example. > Question #2 I dunno, anyone else want to take this one? > > > -----Original Message----- > From: apif [mailto:[EMAIL PROTECTED]] > Sent: Saturday, January 19, 2002 2:26 AM > To: [EMAIL PROTECTED] > Subject: RE: seeking a better understanding > > > I recieved one response to my original post... so maybe I am not in the > right conference / newsgroup. If this is so, please let me know. Otherwise, > the two following questions would scoot me along to understanding what I > need about basic security. Thanks. > > 1. Given port 80 (and only port 80) is open to the outside world, if someone > were to breach that port, could they do more than deface my website? > > 2. Is a home router that does src port blocking, packet intraspection, and > NATing enough, or do I need a middle box running some form of firewall > software too? > > -----Original Message----- > From: apif [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, January 16, 2002 2:25 PM > To: [EMAIL PROTECTED] > Subject: seeking a better understanding > > > All, > > Where to begin? I have a home network, and am considering putting in > a web > server. At this point I am considering the security of it. I suppose the > best way to help you in helping me is to tell you a little about me, my > network, and how I plan on using this. > > I'm from a technical background and support MS servers. I have very little > experience in Linux, and only a little in security. Security mostly comes > from another group in my company. > > My connection to the internet is DSL. I am planning to upgrade it to a > premuim connection so that I can have static IP's. A domain name and DNS > registration will be a course of action further down the line. > > My home network consists of less than 5 boxes, each running varying O/S's. > All MS O/S's are running personal firewalls. Other boxes are Linux. > > I have a netgear R0318 router which is up to date on it's firmware. It > supports NATing, packet intospection, and blocks ports except where I > specify they should be allowed through. > > So here is the run down. I'm weak on Linux, but that is what I want to put > the web server on. It will run on Apache web software. All machines are > behind the router, and all addresses are NAT'd. I would project out port 80 > for the Slackware Linux machine, and no others (except maybe FTP at some > point unless you think this would not be wise). I currently do not have any > A/V software on my linux box (and to be honest, have no idea what sort of > A/V to put on a linux box). > > Now that you have the background, my questions comes down to this. If port > 80 is the only port allowed through, and someone chose to attack this port, > could they compromise my system, and if so how? What other steps should I > take to protect this system? I see IPTables (I guess it replaced IPchains) > in slackware. I know this is a firewall, but I don't think it is like the > personal firewall I have on MS boxes. I suspect it is more like a full corp > class firewall, and probably as complicated. Should I be using this on my > Slackware machine? Do you have any suggestions of what A/V software I should > use on a linux machine, and do the spot trojans as the MS ones do? Thank you > for your time. I'm sorry this was so long. > > >
