Re: is iptables enough?
Thanks for all the responses to my iptables question. From what I
read, it looks like iptables will be adequate protection for their
setup. I went to see her again yesterday to start setting things up.
One thing they forgot to mention was that they used Exchange for
email. That means instead of running exim, I will have to forward
SMTP & POP traffic to their Exchange server. The Exchange server
will not be directly connected to the Internet.
Their old Windows 2000 server was on the net 24/7 via a 768k DSL
connection. It didn't have any of the MS patches or service packs.
I am surprised that it was not hacked with all those Win 2K
vulnerabilities out there. Their DSL modem (Speedstream) supposedly
has a built-in firewall but the default rule is to let everything in
so it wasn't much good. I will configure it to let in only HTTP,
SMTP, POP and SSH. That will provide an additional layer of
security. Not sure how useful it is though.
I have been using a Debian Linux system at home to share my cable
modem connection for several years. I run apt-get & logcheck on it
and I will be doing the same for them. I am on the
debian-security-announce list so I should be able to stay on top of
things as far as Debian security updates are concerned.
Funny ... when I first mentioned Linux, their first thought was
Redhat. To them, Redhat was synonymous with Linux :-) I had to
spend a few minutes educating them that there is more to Linux than
Redhat.
At home the biggest intrusion attempts I get are fools trying to
connect to the NetBIOS and HTTP ports. Lately I have been seeing an
increase in activity on port 445. I found out from a Google search
that port 445 is yet another Windows hole being exploited.
For the hardware, all the systems I saw yesterday are extreme
overkill for a server running only Apache. I didn't see any SCSI
drives so I will use a pair of IDE drives configured for RAID-1.
later
jmb
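
The setup described in the message above (Apache and SSH on the Linux gateway, SMTP and POP forwarded to an Exchange server that is not directly on the Internet) can be sketched as an iptables-restore ruleset. This is an added example, not part of the original message; the interface names and the Exchange address are assumptions.

```shell
#!/bin/sh
# Added example. Interface names and addresses are assumptions, not from the post.
WAN_IF="${WAN_IF:-eth0}"                    # assumed: side facing the DSL modem
LAN_IF="${LAN_IF:-eth1}"                    # assumed: side facing the office LAN
EXCHANGE_IP="${EXCHANGE_IP:-192.168.1.10}"  # assumed: internal Exchange server

# Print a ruleset in iptables-restore format; nothing is applied here.
gen_rules() {
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# SMTP (25) and POP3 (110) arriving from the Internet are handed to Exchange
-A PREROUTING -i $WAN_IF -p tcp -m multiport --dports 25,110 -j DNAT --to-destination $EXCHANGE_IP
# LAN hosts share the gateway's public address
-A POSTROUTING -o $WAN_IF -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $LAN_IF -j ACCEPT
# HTTP (Apache) and SSH terminate on the gateway itself
-A INPUT -i $WAN_IF -p tcp -m multiport --dports 22,80 -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $LAN_IF -o $WAN_IF -j ACCEPT
# Inbound forwarding is limited to the two mail ports, and only to Exchange
-A FORWARD -i $WAN_IF -o $LAN_IF -d $EXCHANGE_IP -p tcp -m multiport --dports 25,110 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Print the ruleset only when asked, e.g. sh gateway-rules.sh --print
# (gateway-rules.sh is a hypothetical file name)
case "${1:-}" in --print) gen_rules ;; esac
```

Piping the output through `iptables-restore --test` as root parses the ruleset without committing it. Because both default policies are DROP, ports such as 445 and the NetBIOS ports are closed without needing their own rules.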