Newie questions about security
On 28 Feb 2007 05:38:27 -0800, Jordi <acero_64@yahoo.com
> wrote:
Hello,
I just managed to configure my server and router and ips yesterday and
now I have questions about security. I did a scan of ports and saw the
only open are the ones I opened. I also set my router firewall to
"standard".
1) Must I CLOSE the ports that I don't use? Or just let them not
forwaded? (they appeared as STEALTH in the ports scan)
2) Should I use an extra firewall in my server plus the one that my
router has ? What about Firestarter? Any other good GPL firewall?
3) Should I adjust the firewall in my router to something custom, not
standard, and what do you recommend me?
4) I fear intruders and specially ddos. I saw a IDS called Snort that
many people use. What do you think? Any other good GPL IDS?
5) Now that I have the server running, y suppose I must stop using
gksudo and use only sudo. Not?
Thanks for your answers.
Jordi
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Personally, i use shorewall firewall (it can be downloaded with apt) and i find it really good, it is also well documented and you can always find help at the mailinglist. Check it out,
http://www.shorewall.net/
I really have little experience in this, so i ´ve never used any kind of IDS. As for the unused ports, in every site of security, it is shown as a good practice to close all ports unused to reduce the system vulnerability and only open the ones that are strictly necessary, i agree with these practice too.
Hope it hepls.
Javier
Reply to: