Re: Firewall (Linux new-comer) mini-HOW-DID
On Thu, Oct 12, 2000 at 09:07:04AM +0200, Matthias Mann wrote:
> I´m sitting on a single computer. Yesterday i´ve read the firewall-HOWTO and
> was very confused cause there are examples for a network system. Is there
> any possibility to build a firewall or other usefull security systems for my
> machine? I like to use netscape navigator to have fun and for my work at
> internet. And i don´t like that others have access to my computer. Wich
> packages of Debian 2.2 potato should i use for this purpose? Or is there
> some better software available of other developers?
things i've done to make my debian less intrude-able:
- read books on security issues, such as
maximum linux security, isbn 0-672-31670-6
- include security into /etc/apt/sources.list:
deb http://security.debian.org potato/updates main contrib non-free
# and the usual
deb ftp://ftp.us.debian.org/debian stable main contrib non-free
deb ftp://non-us.debian.org/debian-non-US stable/non-US main contrib non-free
then
apt-get update
apt-get upgrade
- cut down spoofing attacks & install firewall:
apt-get install ipmasq
- find which ports are open:
apt-get install nmap
nmap <your outside-visible ip address>
- gather list of processes you wanna shut down
(based on nmap) and then
for RIP in $LIST_TO_SHUT_DOWN
do
/etc/init.d/$RIP stop
sleep 5
update-rc.d $RIP remove
# maybe kill, but don't remove?
# update-rc.d $RIP start 50 . stop 50 0 1 2 3 4 5 6 .
done
- setup flexible superserver
apt-get install xinetd
and configure it, then
/etc/init.d/xinetd reload
as always, ymmv.
--
things are more like they used to be than they are now.
will@serensoft.com *** http://www.dontUthink.com/
Reply to: