Re: Newie questions about security
Jordi wrote:
> Hello,
>
> I just managed to configure my server and router and IPs yesterday and
> now I have questions about security. I did a scan of ports and saw the
> only open are the ones I opened. I also set my router firewall to
> "standard".
>
> 1) Must I CLOSE the ports that I don't use? Or just leave them not
> forwarded? (they appeared as STEALTH in the ports scan)
RFC says stealth should never be used.
> 2) Should I use an extra firewall in my server plus the one that my
> router has ? What about Firestarter? Any other good GPL firewall?
Firestarter and other Linux-based firewalls are when you want to build a
firewall for your network. You cannot build a firewall for just the
computer you want to firewall: Firewalls, by nature, must be on dedicated
hardware to work. Thus, ZoneAlarm, Kerio, BlackICE, Windows Firewall, etc,
are guilty of false advertising at best, and gross misrepresentation at
worst.
http://samspade.org/d/firewalls.html
> 3) Should I adjust the firewall in my router to something custom, not
> standard, and what do you recommend me?
Follow the relevant RFCs.
> 4) I fear intruders and especially DDoS. I saw an IDS called Snort that
> many people use. What do you think? Any other good GPL IDS?
IDS must run on the firewall to be effective.