On Fri, 25 Jul 2003, Andreas von Heydwolff wrote:
> [ Snip most details of computer setup and getting cracked ]
When you install a system, unless its absolutely necessary, install it
from behind a firewall.
Then, before you set up any sort of firewall on the machine, start
disabling ports - most servers can be configured to listen to only
the local loopback device or the internal network. Even without a
firewall, your system should be secure. (Hint: 'listen', 'bind',
'allow from', 'interface', etc in config files to limit what device
the server listens to, and xinetd to limit those services that
traditionally start from inetd.)
Your goal is to be able to scan your machine (via nmap), and find
no unnecessary service listening to the outside interface.
Then, build up your firewall scripts.
Connect to the internet and do all the security updates.
Finally, use a security scanner from outside your machine ( I
believe that http://www.grc.com has one [about the only thing
the site's good for, IMHO]).
You don't want your security system to consist solely of your
firewall - firewalls are supposed to supplement your defense!
Just my $.02
~ Jesse Meyer
--
icq: 34583382 / msn: dasunt@hotmail.com / yim: tsunad
"We are what we pretend to be, so we must be careful about what we
pretend to be." - Kurt Vonnegut Jr : Mother Night
Attachment:
pgpXyRzjI6Zww.pgp
Description: PGP signature