Internet Security

I am new to this Linux business, I would like to know how to keep my box secure from the outside world, I use dialup connectivity so I do not need Apache or ftp server, so any advise would be helpful, please keep it simple as I am not a Network guru more like a network pleb.
LVL 3
jetforceAsked:
Who is Participating?
 
jamesRConnect With a Mentor Commented:
There are a lot of security sites out there, which will give you a range of things that you can do to improve security. Rather than type out all of it again, I'll point you at a few choice ones...

First the TrinityOS website. Especially Section 8. This says everything I was about to say and more. http://www.ecst.csuchico.edu/~dranch/LINUX/TrinityOS.wri
It describes in great detail your first lockdown after you install and will make a big difference to the security of your machine.

Second, the security/bugfix page for your linux distrubution. ( This should be available from the homepage eg. www.redhat.com.) Make sure that you keep up to date with the latest security patches.

After that, you can decide how paranoid you want to be. The Trinity OS website tells you about firewalls, and the IPChains HOWTO will tell you more, as will the Firewall HOWTO. Both of the HOWTO's are available at www.linuxdoc.org -- and they should also be present in your Linux distribution.

0
 
jetforceAuthor Commented:
I haven't had a chance to look at the documents, give me another day , if they are any good I will give you the points.

 Cheers
0
 
jamesRCommented:
The Linux Security HOWTO is another good document. Again at www.linuxdoc.org

0
 
patowicCommented:
Also, subscribe to bugtraq, and read packetstorm:  http://www.securify.com/packetstorm

Bugtraq is at http://www.securityfocus.com/

Both are invaluable resources for securing your machine.

And you might want to consider running OpenBSD instead of linux--it has fewer inherent security holes.
0
 
ibishopCommented:
Assuming you're running a relatively recent distro, there will be kernel firewall support already compiled in.

A "quick'n'effective" tool to make use of this, and block out the majority of outside accesses is Isinglass :

http://www.tummy.com/isinglass/

Works well for me - has options to log the packets etc., and has served me well.  Remember that for the most part, people won't expend big effort on cracking a system of "minimal value" - and most of the "easy" attacks are blocked with a kernel-firewall of this nature.

For what it's worth, the worst attempts against my own machines in recent times have been a few portscans, and an EXPN scan on my mailserver.  Because Isinglass shows the vast majority of ports as closed, most attempts stop before they start.  The real rule is that for the services you WILL have open - make sure they're up to date, and keep checking for new security bulletins on them.
0
All Courses

From novice to tech pro — start learning today.