
Re: Several good suggestions Re: Help. My system cracked and used to spam



%% "David Teague" <teague@jackson.main.nc.us> writes:

  dt> Paul suggests upgrading to Woody. Woody? On a 486/66?

Why not?

Obviously you don't want to install KDE or Gnome, but I doubt very much
that the base system is much slower or fatter in Woody than it was in
2.0.  Maybe slightly, due to new glibc, but not substantially.

That's one of the nicer things about UNIX systems: they are
component-based so if you don't need the super-whiz-bang components, you
don't have to have them and your minimum supported hardware doesn't
change that much.

  dt> He also suggests keeping the system security update current, but
  dt> points out that this only protects me from bugs, not configuration
  dt> errors. He suggests a firewall and not installing anything I don't
  dt> need. What about installing -- is it wrappers? to hide the ports
  dt> I'm not using?

Well, there's tcp-wrappers, but I think you mean ipchains or iptables
(ipchains is a way to implement firewalling features in Linux 2.2
kernels, and iptables is a much-improved re-implementation in Linux 2.4
kernels).

Yes, if your system is connected to the internet, setting up ipchains or
iptables rules on your system is very important, especially if you don't
have a firewall.  Personally I use an old P100 with 32M RAM for my
firewall, running Debian Woody with a 2.4 kernel and an iptables
firewall.

Iptables is a _LOT_ simpler to use than ipchains, because it's
stateful.  That means you don't have to worry too much about allowing
_outgoing_ traffic; that works more-or-less magically.  You just set up
rules to block all incoming traffic that you don't want.

-- 
-------------------------------------------------------------------------------
 Paul D. Smith <pausmith@nortelnetworks.com> HASMAT--HA Software Mthds & Tools
 "Please remain calm...I may be mad, but I am a professional." --Mad Scientist
-------------------------------------------------------------------------------
   These are my opinions---Nortel Networks takes no responsibility for them.
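
The stateful approach described in the message above, as an added example that is not part of the original post: a shell function that emits a default-deny inbound ruleset in iptables-restore format for a single host. The function name and the sample ports are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original message): generate a stateful,
# default-deny inbound ruleset in iptables-restore format.
# gen_ruleset is a hypothetical helper; the ports passed to it are the
# only inbound TCP services that will accept new connections.

# gen_ruleset PORT...  prints the ruleset on stdout, returns 1 on a bad port.
gen_ruleset() {
    # Validate every port before printing anything, so a typo can never
    # produce a half-written ruleset on a pipe to iptables-restore.
    for p in "$@"; do
        case "$p" in
            ''|0*|*[!0-9]*|??????*)
                echo "bad port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
    done

    echo '*filter'
    # Default policies: drop unsolicited inbound and forwarded traffic,
    # leave outbound open. Replies to outbound connections come back in
    # through the ESTABLISHED,RELATED rule below.
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    # The state match is what makes the ruleset stateful; newer iptables
    # releases spell the same thing "-m conntrack --ctstate".
    echo '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    for p in "$@"; do
        echo "-A INPUT -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done
    echo 'COMMIT'
}

# When run as a script with arguments, print the ruleset for review.
# To load it (as root): sh ruleset.sh 22 | iptables-restore
if [ "$#" -gt 0 ]; then
    gen_ruleset "$@"
fi
```

Running it with no ports gives a host that can make outgoing connections but accepts no new incoming ones.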


