On Thursday broadband to my address will be enabled/activated, hitherto I have just used linux, as I have been both too lazy and incompetent to set up any security or a firewall, obviously with the thing being on non-stop I'm going to have to mend my ways.
On my box I have an iteration of Slackware 10 on each disk, Debian Sarge on the first disk and a space for Free/Open BSD on the second, I also have a spare box with, I think, enough resources to run another set of Slackware or BSD.
I am aware of the existence of Iptables, no more than that. My question is which book should I buy, Building Internet Firewalls, or Practical Unix & Internet Security, both by O'Reilly?
Then all I will have left to learn is Emacs, Networking, Email with Sendmail, Fetchmail Exim etc., etc....
On Wed, 25 Aug 2004 10:12:56 +0100, John Seago johnseago@two-ravens.org.uk wrote:
On Thursday broadband to my address will be enabled/activated, hitherto I have just used linux, as I have been both too lazy and incompetent to set up any security or a firewall, obviously with the thing being on non-stop I'm going to have to mend my ways.
As a first step, get a broadband adaptor (ADSL modem?) with a built in firewall. Close all unrequested incoming ports, for example I only have ports 22 and 80 open on the ADSL modem.
Then worry about ports and services on your various OS partitions. Testing inside and from without with nmap and nessus can be very eye openning :-)
Good luck!
Tim.
Tim Green wrote:
On Wed, 25 Aug 2004 10:12:56 +0100, John Seago johnseago@two-ravens.org.uk wrote:
On Thursday broadband to my address will be enabled/activated, hitherto I have just used linux, as I have been both too lazy and incompetent to set up any security or a firewall, obviously with the thing being on non-stop I'm going to have to mend my ways.
As a first step, get a broadband adaptor (ADSL modem?) with a built in firewall. Close all unrequested incoming ports, for example I only have ports 22 and 80 open on the ADSL modem.
Then worry about ports and services on your various OS partitions. Testing inside and from without with nmap and nessus can be very eye openning :-)
Good luck!
Tim.
I second that advice. For most purposes, the in-built firewalls in a quality modem/router are more than good enough. We've tested lots, and have standardised on the Linksys range. If you need wireless then go for the WAG54G (about £84) which supports WPA and has 5 VPN tunnel endpoints built-in. If you need neither wireless nor VPN, then try the BEFDSR41W (about £51).
There are lots of cheaper ones around, but we liked the D-link least. The MRI boxes can be unreliable.
If you already have an ADSL modem, the options change a bit, but steer clear of USB.
Cheers, Laurie.