[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Firewall (Linux new-comer) mini-HOW-DID

On Thu, Oct 12, 2000 at 09:07:04AM +0200, Matthias Mann wrote:
> I´m sitting on a single computer. Yesterday i´ve read the firewall-HOWTO and
> was very confused cause there are examples for a network system. Is there
> any possibility to build a firewall or other usefull security systems for my
> machine? I like to use netscape navigator to have fun and for my work at
> internet. And i don´t like that others have access to my computer. Wich
> packages of Debian 2.2 potato  should i use for this purpose? Or is there
> some better software available of other developers?

things i've done to make my debian less intrude-able:

- read books on security issues, such as
	maximum linux security, isbn 0-672-31670-6

- include security into /etc/apt/sources.list:
	deb http://security.debian.org potato/updates main contrib non-free
	# and the usual
	deb ftp://ftp.us.debian.org/debian stable main contrib non-free
	deb ftp://non-us.debian.org/debian-non-US stable/non-US main contrib non-free

  	apt-get update
  	apt-get upgrade

- cut down spoofing attacks & install firewall:
	apt-get install ipmasq

- find which ports are open:
	apt-get install nmap
	nmap <your outside-visible ip address>

- gather list of processes you wanna shut down
  (based on nmap) and then
		/etc/init.d/$RIP stop
		sleep 5
		update-rc.d $RIP remove
		# maybe kill, but don't remove?
		# update-rc.d $RIP start 50 . stop 50 0 1 2 3 4 5 6 .

- setup flexible superserver
	apt-get install xinetd
  and configure it, then
	/etc/init.d/xinetd reload

as always, ymmv.

things are more like they used to be than they are now.

will@serensoft.com *** http://www.dontUthink.com/

Reply to: