Re: Newie questions about security
- From: Andrew Sackville-West <andrew@xxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 28 Feb 2007 08:06:51 -0800
On Wed, Feb 28, 2007 at 05:38:27AM -0800, Jordi wrote:
Hello,
I just managed to configure my server and router and ips yesterday and
now I have questions about security. I did a scan of ports and saw the
only open are the ones I opened. I also set my router firewall to
"standard".
1) Must I CLOSE the ports that I don't use? Or just let them not
forwaded? (they appeared as STEALTH in the ports scan)
in linux, the only ports that are a danger are the ones that have a
process listening on them. For example, if you only have and http
server running(apache) then the only port that is open is 80 and that
is the only port that is a concern. The other ports are effectively
"closed" because there is no process listening to them...
2) Should I use an extra firewall in my server plus the one that my
router has ? What about Firestarter? Any other good GPL firewall?
shorewall. check the excellent website for help.
3) Should I adjust the firewall in my router to something custom, not
standard, and what do you recommend me?
a good hardware firewall is a great tool. And its easy to use -- only
forward those ports that you want, and the rest will be blocked. done.
4) I fear intruders and specially ddos. I saw a IDS called Snort that
many people use. What do you think? Any other good GPL IDS?
You should fear intruders-- install tiger and learn about it so that
if you do get compromised, you'll know. Also learn to read your
logs. there are log filtering programs that can help with this. Not
sure why someone would want to go to the trouble of ddos'ing you those
theres always a possibility. What is your concern there? DDOS would be
a problem if you had some mission critical online app that you needed
to have up. BUt if you're just running a little home server and you
happen to get randomly hit by some attack, ust take it offline for a
bit. but I don't really know.
5) Now that I have the server running, y suppose I must stop using
gksudo and use only sudo. Not?
doesn't matter.
A
Attachment:
signature.asc
Description: Digital signature
- References:
- Newie questions about security
- From: Jordi
- Newie questions about security
- Prev by Date: Re: how to send files from a pc to my home server and viceversa
- Next by Date: Re: question about dns server at home
- Previous by thread: Newie questions about security
- Next by thread: Re: Newie questions about security
- Index(es):
Relevant Pages
- Re: What is broken:McAfeee firewall or my router ????? Urgent, ple
... your computer regardless of what McAfee firewall said. ... If your router
is ... warned about those ports being available right away if you had any of those ...
(microsoft.public.security) - Re: What is broken:McAfeee firewall or my router ????? Urgent, ple
... your computer regardless of what McAfee firewall said. ... If your router
is ... warned about those ports being available right away if you had any of those ...
(microsoft.public.security) - Re: Simultaneous DSL and cable modem access on a SBS network...sorf ot.
... Internet Connection wizard on the SBS box, ... "More Information" button on
what ports need to be opened to the SBS. ... The server and the fax (the line the
DSL modem ... The cable modem already has a router attached to it as well, ... (microsoft.public.windows.server.sbs) - Re: Servers & Routers and Firewalls, Oh my....
... The SBS2k3 standard firewall that you disabled ... YOU BOUGHT ISA SERVER
AND YOU AREN'T USING IT? ... > allowing traffic through certain ports. ... The
router, which is ... (microsoft.public.windows.server.sbs) - Re: Firewall old computer
... A tiny Linux based router running on just a floppy! ... > a firewall.
... I also have a home LAN running a W2K Server and Proxy 2.0 ... could you please
tell me how to find out all of the ports ... (comp.security.firewalls)
