jetforce
asked on
Internet Security
I am new to this Linux business, I would like to know how to keep my box secure from the outside world, I use dialup connectivity so I do not need Apache or ftp server, so any advise would be helpful, please keep it simple as I am not a Network guru more like a network pleb.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also, subscribe to bugtraq, and read packetstorm: http://www.securify.com/packetstorm
Bugtraq is at http://www.securityfocus.com/
Both are invaluable resources for securing your machine.
And you might want to consider running OpenBSD instead of linux--it has fewer inherent security holes.
Bugtraq is at http://www.securityfocus.com/
Both are invaluable resources for securing your machine.
And you might want to consider running OpenBSD instead of linux--it has fewer inherent security holes.
Assuming you're running a relatively recent distro, there will be kernel firewall support already compiled in.
A "quick'n'effective" tool to make use of this, and block out the majority of outside accesses is Isinglass :
http://www.tummy.com/isinglass/
Works well for me - has options to log the packets etc., and has served me well. Remember that for the most part, people won't expend big effort on cracking a system of "minimal value" - and most of the "easy" attacks are blocked with a kernel-firewall of this nature.
For what it's worth, the worst attempts against my own machines in recent times have been a few portscans, and an EXPN scan on my mailserver. Because Isinglass shows the vast majority of ports as closed, most attempts stop before they start. The real rule is that for the services you WILL have open - make sure they're up to date, and keep checking for new security bulletins on them.
A "quick'n'effective" tool to make use of this, and block out the majority of outside accesses is Isinglass :
http://www.tummy.com/isinglass/
Works well for me - has options to log the packets etc., and has served me well. Remember that for the most part, people won't expend big effort on cracking a system of "minimal value" - and most of the "easy" attacks are blocked with a kernel-firewall of this nature.
For what it's worth, the worst attempts against my own machines in recent times have been a few portscans, and an EXPN scan on my mailserver. Because Isinglass shows the vast majority of ports as closed, most attempts stop before they start. The real rule is that for the services you WILL have open - make sure they're up to date, and keep checking for new security bulletins on them.
ASKER
Cheers