Re: Recommended security management packages

To: debian-security@lists.debian.org
Subject: Re: Recommended security management packages
From: Phillip Hofmeister <plhofmei@ip3inc.com>
Date: Fri, 23 May 2003 09:32:37 -0400
Message-id: <20030523133237.GA23644@ip3inc.com>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <Pine.LNX.4.53.0305211255130.1303@altaica>
References: <Pine.LNX.4.53.0305202056040.1303@altaica> <20030521144021.GC6170@pogo.bearhouse.lan> <Pine.LNX.4.53.0305211255130.1303@altaica>

On Wed, 21 May 2003 at 01:01:10PM -0700, Tib wrote:
> > nmap (port scan) or Nessus> (vulnerability scans) scans from outside the box,
> nmap installed, helped to block a bunch of ports with iptables

Your policy/rules should block ALL traffic (and ALL Ports) and
explicitly allow certain ports/traffics rather than trying to
selectively block traffic.


-- 
Phillip Hofmeister
Network Administrator/Systems Engineer
IP3 Inc.
http://www.ip3security.com

PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import
--
Excuse #248: You need to upgrade your VESA local bus to a MasterCard local bus.

Attachment: pgpp16HpwT2c2.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Recommended security management packages
  - From: Adrian 'Dagurashibanipal' von Bidder <avbidder@fortytwo.ch>

References:
- Recommended security management packages
  - From: Tib <tib@tigerknight.org>
- Re: Recommended security management packages
  - From: "Jeffrey L. Taylor" <jeff@austinblues.dyndns.org>
- Re: Recommended security management packages
  - From: Tib <tib@tigerknight.org>

Prev by Date: NIS (mis)configuration and MySQL alternative.
Next by Date: Re: promiscuous mode
Previous by thread: Re: Recommended security management packages
Next by thread: Re: Recommended security management packages
Index(es):
- Date
- Thread