Re: Newie questions about security

To: debian-user@lists.debian.org
Subject: Re: Newie questions about security
From: "Jordi" <acero_64@yahoo.com>
Date: 28 Feb 2007 08:38:31 -0800
Message-id: <[🔎] 1172680710.951556.217200@8g2000cwh.googlegroups.com>
In-reply-to: <7TzxY-6Nt-33@gated-at.bofh.it>
References: <[🔎] 1172669906.980186.288230@z35g2000cwz.googlegroups.com> <[🔎] 20070228160651.GD22549@localhost.localdomain>

Thanks to all for your recomended soft.

It seems all people like shorewall, so I will see it. I read that
firestarter was easiest, but if you think it is better shorewall, I
will use shorewall.

Thanks Andrew for such a good explanation.
I will compare Tiger and Snort, maybe they can be used together.

I hope to be able to grow in some time and be able to have more dsl
lines and servers runnig, but in the beginnig even if I don't earn or
ask for money I don't want to give a bad service to people, that is
why fear ddos. I will also buy a SAI to have electricity if I have a
small power cut.
I saw ddos is a crime, so people that do it must be a bit stupid, as
they can end in jails.

When that happens, the only solution is to turn off the server and
wait? Or can one reflect or block the attack?

Jordi


On 28 feb, 17:10, Andrew Sackville-West <and...@farwestbilliards.com>
wrote:
> On Wed, Feb 28, 2007 at 05:38:27AM -0800, Jordi wrote:
> > Hello,
>
> > I just managed to configure my server and router and ips yesterday and
> > now I have questions about security. I did a scan of ports and saw the
> > only open are the ones I opened. I also set my router firewall to
> > "standard".
>
> > 1) Must I CLOSE the ports that I don't use? Or just let them not
> > forwaded? (they appeared as STEALTH in the ports scan)
>
> in linux, the only ports that are a danger are the ones that have a
> process listening on them. For example, if you only have and http
> server running(apache) then the only port that is open is 80 and that
> is the only port that is a concern. The other ports are effectively
> "closed" because there is no process listening to them...
>
> > 2) Should I use an extra firewall in my server plus the one that my
> > router has ? What about Firestarter? Any other good GPL firewall?
>
> shorewall. check the excellent website for help.
>
> > 3) Should I adjust the firewall in my router to something custom, not
> > standard, and what do you recommend me?
>
> a good hardware firewall is a great tool. And its easy to use -- only
> forward those ports that  you want, and the rest will be blocked. done.
>
> > 4) I fear intruders and specially ddos. I saw a IDS called Snort that
> > many people use. What do you think? Any other good GPL IDS?
>
> You should fear intruders-- install tiger and learn about it so that
> if you do get compromised, you'll know. Also learn to read your
> logs. there are log filtering programs that can help with this. Not
> sure why someone would want to go to the trouble of ddos'ing you those
> theres always a possibility. What is your concern there? DDOS would be
> a problem if you had some mission critical online app that you needed
> to have up. BUt if you're just running a little home server and you
> happen to get randomly hit by some attack, ust take it offline for a
> bit. but I don't really know.
>
> > 5) Now that I have the server running, y suppose I must stop using
> > gksudo and use only sudo. Not?
>
> doesn't matter.
>
> A
>
>  signature.asc
> 1 KDescargar

Reply to:

Follow-Ups:
- Re: Newie questions about security
  - From: "Roberto C. Sanchez" <roberto@connexer.com>

References:
- Newie questions about security
  - From: "Jordi" <acero_64@yahoo.com>
- Re: Newie questions about security
  - From: Andrew Sackville-West <andrew@farwestbilliards.com>

Prev by Date: Re: ssh
Next by Date: Re: question about dns server at home
Previous by thread: Re: Newie questions about security
Next by thread: Re: Newie questions about security
Index(es):
- Date
- Thread