Security in general
I have a question which has been bothering me all along, with Windows /
Linux / *BSD / etc. In this case, it's about Debian so I thought I'd post my
Right now I have a Linux box (Debian 2.2r2) doing my
masquerading/firewalling. It has a dynamic IP (and changes quite often, like
3 times a day). It runs all the latest patches, no services except for sshd
(for internal hosts) and identd (which is open for external connects. yeah I
know I shouldn't, but I need it).
I have a firewall set up (ipchains in this case), which blocks just about
anything incoming, except for the high ports (for ftp) and identd.
I have no local users on the box except for totally trusted users (=me or
Still I don't feel totally safe (and I shouldn't from what I'm told), but I
wanna know what else I can do to enhance security. In the past I had
Portsentry running and stuff, but since I block (& log almost) everything
anyway, I see that stuff in my logs.
I have logcheck sending me mails, it comes with firewall-hits etc.
Is it useful to have it running anyway? If it's in my log, it's already
blocked. So what can I do anyway...
I hope someone understands my question :)
It isn't very specific, I know, and I'm sorry..