[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: crack traces in /var ?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, Jul 25, 2003 at 07:49:13PM +0200, Andreas von Heydwolff wrote:
> What I wonder is whether it is potentially dangerous for me to have 
> iptables starting quite slowly on my 133MHz firewall machine, 

Nope, not really.

> And I now wonder whether a powerful thing like iptables is manageable by 
> an amateur with some half knowledge when even professionals have their 
> troubles.

Of course it is.  Not all professionals know what they're doing.

> Or perhaps I am now in the process of learning the hard way 
> that the good enough firewall has to be on at *all* times, no matter what.

No, however, a firewall is not the end-all, be-all of security.  You
don't have a really weak root password or something, do you?

> I also wonder whether a stock Windows98 box is less of a hassle because 
> a friend who is not so security conscious is customer of the same cable 
> provider. 

Oh, hell no.  You think iptables is hard, just *try* securing a
Windows box.  It can't be done.  Windows exists exclusively to live on
firewalled networks.  Microsoft even says this somewhere in thier
support knowledge base, "trustworthy computing" be damned.

> Despite frequent hits on my firewall from the provider's 
> subnet to which he must more or less be subjected too he has never 
> reported anything problematic.

Of course you're going to see traffic on your subnet.  I *really,
really* hate windows-based "personal firewalls" for instilling the
idea that normal traffic somehow constitutes an attack (and that a
windows box with a program listening on *every* port is somehow more
secure than just shutting off listening services, or the idea that
Windows can be secured from within at all).  Other people use that
subnet, too, and other people need to send broadcasts for DHCP, ARP
and what not...

> Do Linux boxen attract the more skilled attackers?

Yes, but for every skilled attacker, there's thirty of fourty script
kiddies waiting to nail Windows hosts.

- -- 
 .''`.     Paul Johnson <baloo@ursine.ca>
: :'  :    proud Debian admin and user
`. `'`
  `-  Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/Ign8J5vLSqVpK2kRAgi6AKCW6iTJqeb2C4WS3cwn74MzooZ1+wCgtgT6
X5Yi16KxjQ+fBd54ytyaZUg=
=ZLyg
-----END PGP SIGNATURE-----



Reply to: