Newie questions about security
- From: "Javier Viegas" <javiercviegas@xxxxxxxxx>
- Date: Wed, 28 Feb 2007 11:41:54 -0300
On 28 Feb 2007 05:38:27 -0800, Jordi <acero_64@xxxxxxxxx> wrote:
Hi,
Hello,
I just managed to configure my server and router and ips yesterday and
now I have questions about security. I did a scan of ports and saw the
only open are the ones I opened. I also set my router firewall to
"standard".
1) Must I CLOSE the ports that I don't use? Or just leave them not
forwarded? (they appeared as STEALTH in the port scan)
2) Should I use an extra firewall in my server plus the one that my
router has ? What about Firestarter? Any other good GPL firewall?
3) Should I adjust the firewall in my router to something custom, not
standard, and what do you recommend me?
4) I fear intruders and especially DDoS. I saw an IDS called Snort that
many people use. What do you think? Any other good GPL IDS?
5) Now that I have the server running, I suppose I must stop using
gksudo and use only sudo. No?
Thanks for your answers.
Jordi
Personally, I use the Shorewall firewall (it can be downloaded with apt) and I
find it really good. It is also well documented and you can always find help
on the mailing list. Check it out: http://www.shorewall.net/
I really have little experience in this, so I've never used any kind of
IDS. As for the unused ports, on every security site it is shown as a
good practice to close all unused ports to reduce the system's vulnerability
and only open the ones that are strictly necessary. I agree with this
practice too.
Hope it helps.
Javier
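
An added example, not part of the original messages: one way to check the "close unused ports" advice on the server itself is to compare the TCP listeners reported by `ss -H -tln` against an allowlist. The sample output and the `ALLOWED_TCP` policy (ports 22 and 80) are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -H -tln` output: State Recv-Q Send-Q Local Peer
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 100 127.0.0.1:25 0.0.0.0:*
LISTEN 0 50 0.0.0.0:3306 0.0.0.0:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 *:8080 *:*
"""

ALLOWED_TCP = {22, 80}  # assumed policy: the only services meant to be reachable


def parse_listeners(ss_output):
    """Yield (address, port) for each LISTEN line of `ss -H -tln` output."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        addr = addr.split("%")[0].strip("[]")  # drop scope id and IPv6 brackets
        if port.isdigit():
            yield addr, int(port)


def is_loopback(addr):
    """True only for addresses that cannot be reached from the network."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # "*" or an unknown form: treat as reachable to fail safe


def unexpected_listeners(ss_output, allowed=ALLOWED_TCP):
    """Ports listening on a non-loopback address that are not in the allowlist."""
    return sorted({port for addr, port in parse_listeners(ss_output)
                   if not is_loopback(addr) and port not in allowed})


if __name__ == "__main__":
    for port in unexpected_listeners(SAMPLE_SS):
        print(f"tcp/{port} listens on a routable address but is not allowed: "
              "stop the service or bind it to loopback")
```

A service bound only to 127.0.0.1 or ::1 is skipped because it is not reachable from the network; everything else outside the allowlist is reported.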