[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How insecure are cable connections, versus dialup?

* Paul Johnson (baloo@ursine.dyndns.org) [021207 21:12]:
> On Sat, Dec 07, 2002 at 09:20:08PM +0100, Frank Gevaerts wrote:
> > What I would do (I don't since I have a dedicated firewall machine) is :
> > - close all unneeded services
> Better yet, not just close, purge them.
> > - install a firewall that just drops any incoming connection from your
> >   cable-connected ethernet interface. (I would recommend using fwbuilder
> The security gained with this step is epsilon under Linux if you don't
> have services that aren't needed installed.

I've seen many redhat boxes in which installed rootkits included
something to the effect of 'echo "6969 stream tcp wait root /bin/sh" >>
/etc/inetd.conf'.  Having a firewall up in this case prevents the
cracker from using the installed backdoor, even after an
intentionally-exposed service is broken.  It's a very good safety net to
have, especially in the case of an always-on static-IP-address cable
connection, which is likely to be swept by script kiddies who then
later try to connect to the boxes their scripts successfully penetrated.

good times,

Attachment: pgpYPVoDIZ55t.pgp
Description: PGP signature

Reply to: