[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: My first firewall

On Wed, May 22, 2002 at 01:54:10AM +0600, nishan wrote:
> some intrusion detection:
> build as much in module format as you can and don't keep modules that you 
> don't need.

I would rather suggest deactivating modules at all, just to avoid possible
LKM root-kits. 

And make sure no compiler or linux sources are left on the system
after it goes into production ;)

If it should be just a firewall, I think the only open port should be
ssh (restricted to certain hosts or just to the IP of your workstation).

BTW, getting a 2.4.x kernel running on potato implies upgrading some
stuff, at least modutils (not needed if you go without modules).

have a nice day
Frederik Schüler

To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: