[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security in general

On Tue, May 29, 2001 at 10:50:07AM +0200, kjfsgjks ksjgkfhfd wrote:
> Hi,

kjfsgjks: You probably have a real name. Why not use it? 

> I have a question which has been bothering me all along, with windows / 
> linux / *bsd / etc. In this case, it's about Debian so I thought I'd post my 
> question here.
> Right now I have a linux-box (Debian 2.2r2) doing my 
> masquerading/firewalling. It has a dynamic ip (and changes quite often, like 
> 3 times a day). It runs all the latest patches, no services except for sshd 
> (for internal hosts) and identd (which is open for external connects. yeah I 
> know I shouldn't, but I need it).
> I have a firewall set up (ipchains in this case), which blocks just about 
> anything incoming, except for the high ports (for ftp) and identd.

Are your users using passive mode FTP? If so, then you can block
off the high port numbers too.

Just my 2p worth....

> Tubby

Karl E. Jørgensen
==== Today's fortune:
Facts are stubborn, but statistics are more pliable.

Attachment: pgpuNNm5w6kT4.pgp
Description: PGP signature

Reply to: