[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Closing ports...


* Phillip Hofmeister <plhofmei@zionlth.org> [20020915 23:23]:
> On Sun, 15 Sep 2002 at 06:15:04PM +0200, Markus Grunwald wrote:
> > But I have configured junkbuster to listen only to my network:
> > deny
> > permit
> I have never used junkbuster before but I will give you my standard advise I
> give to anyone securing their machine.  Investigate iptables (ipchains in 2.2).
> This will probably be your best tool in locking down a machine.  There are
> plenty of how-tos out their with pre-made rules.  I do not endorse any of
> them.  Instead I combined several of them to make my own rules.

I endorse FIAIF (http://fiaif.fugmann.dhs.org/), which handles almost
everything I'll ever need, and more to come - the author is responsive
and feels responsible about FIAIFs qualitay .. have a look at the
feature list, it really helped me getting away from the syntax of
iptables / ip to telling the box what I want it to do with whats
happing on its 7 interfaces .. ;)


Andreas Kotes - ICQ: 3741366 - The views expressed herein are (only) mine.
Unser Leben ist das, wozu unser Denken es macht. -- OpenPGP key 0x8F94C228
Our Life is what our thinking makes it.. Your mind is a weapon! Load it ..

Attachment: pgp0X1ZvOmf92.pgp
Description: PGP signature

Reply to: