[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Security in general


I have a question which has been bothering me all along, with windows / linux / *bsd / etc. In this case, it's about Debian so I thought I'd post my question here. Right now I have a linux-box (Debian 2.2r2) doing my masquerading/firewalling. It has a dynamic ip (and changes quite often, like 3 times a day). It runs all the latest patches, no services except for sshd (for internal hosts) and identd (which is open for external connects. yeah I know I shouldn't, but I need it).

I have a firewall set up (ipchains in this case), which blocks just about anything incoming, except for the high ports (for ftp) and identd.

I have no local users on the box except for totally trusted users (=me or gf). Still I don't feel totally safe (and I shouldn't from what I'm told), but I wanna know what else I can do to enhance security. In the past I had Portsentry running and stuff, but since I block (& log almost) everything anyway, I see that stuff in my logs.
I have logcheck sending me mails, it comes with firewall-hits etc.
Is it usefull to have it running anyway? If it's in my log, it's already blocked. So what can I do anyway...

I hope someone understands my question :)
It isn't very specific, I know, and I'm sorry..


Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Reply to: