Re: Fork bombing a Linux machine as a non-root user

From: Jeff Kinz (jkinz_at_kinz.org)
Date: 03/19/05

    Date: Sat, 19 Mar 2005 11:42:17 -0500
    To: "M.Rudra" <dr.rudra@gmail.com>, For users of Fedora Core releases <fedora-list@redhat.com>
    
    

    On Sat, Mar 19, 2005 at 05:03:38AM -0500, M.Rudra wrote:
    > At our hospital we have a proper system with Linux servers and
    > backups, staff use a Windows-like software custom built to our
    > requirements.
    > It's the home connection that was attacked twice online so I want to
    > install software to secure my home machine.
    >
    > This Iptables FAQ mentions that 2 ethernet cards are required to set up
    > a firewall.
    > http://newbiedoc.sourceforge.net/networking/homegateway.html
    >
    > Is there an alternative to iptables as I don't have 2 cards and how do
    > I get my kernel version? If my kernel is below 2.4 version is there
    > any other firewall option on Fedora.
    > I tried a command with this result " bash: modprobe: command not found
    > " ... actually most commands as a user give above result.
    > thanks for your time.

    Hi MR,
    Iptables can be used with one Ethernet card (AKA 'Network Interface
    Card' = "NIC"). However the single NIC configuration will only protect
    the single machine which is running iptables.

    Does your home network look like either of these two configurations?

    "----" = an ethernet cable

    setup A:

       Internet                            single
      cable/DSL--------------------------- Computer
       device

                              
    setup B:
                              |---------- Computer 1
       Internet               |
      cable/DSL------ethernet |----------- Computer 2
       modem         router   |
                              .
                              .
                              |----------- Computer "N"

    Note - In setup "B" when using DSL, there are some devices which merge
    the functionality of a DSL modem and a router.

    To use Iptables in the most desirable fashion the config seen below is
    needed. Note that it requires a dedicated standalone PC to use as the
    firewall.
                              
    setup C:
                                               |-------- Computer 1
       Internet      old PC       Cheap        |
      cable/DSL------w/Linux----- Ethernet-----|-------- Computer 2
       modem         iptables     Hub( or a    |
                     (2 Nics)     router)      .
                   (Firewall)                  .
                                               |-------- Computer "N"

    There is a compromise to setup C which uses the Firewall machine both as
    a firewall and a user workstation. This setup still requires two NICs
    but does not require any more additional computers than what you have
    now. While it is not the setup recommended by security experts it will
    perform the task of firewalling your home environment.

    Does your home setup resemble "A" or "B" above? What, if anything, is
    different about it?

    -- 
    "The only system which is truly secure, is one which is switched off
    and unplugged, locked in a titanium lined safe, buried in a concrete
    bunker, surrounded by nerve gas and very highly paid armed guards. Even
    then, I wouldn't stake my life on it" - Gene Spafford 
    (Good thing. the law of unintended consequences: A laptop, w/wireless
    NIC and wake on "date" set in the BIOS)
    http://kinz.org
    http://www.fedoranews.org
    Jeff Kinz, Emergent Research, Hudson, MA.
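
The difference between the single-NIC case and setup C, as an added example that is not part of the original message: the script prints rulesets in iptables-restore format for each layout. The interface names (eth0 for the Internet side, eth1 for the home LAN) and the choice to trust the LAN side are assumptions.

```shell
#!/bin/sh
# Added example: print iptables-restore rulesets for the layouts in the message.
# Interface names (eth0 = Internet side, eth1 = home LAN side) are assumptions.

# One NIC (setup A or B): only the INPUT chain matters, so the rules
# protect this machine alone. Nothing is forwarded for other computers.
host_rules() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Two NICs (setup C). Usage: gateway_rules WAN_IF LAN_IF
# FORWARD and NAT rules let the LAN out through the firewall and allow
# only reply traffic back in. The LAN side is trusted (an assumption).
gateway_rules() {
    [ $# -eq 2 ] || { echo "usage: gateway_rules WAN_IF LAN_IF" >&2; return 2; }
    wan=$1 lan=$2
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i $lan -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan -o $wan -j ACCEPT
-A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Print a ruleset: sh rules.sh host   or   sh rules.sh gateway eth0 eth1
case "${1:-}" in
    host)    host_rules ;;
    gateway) shift; gateway_rules "$@" ;;
esac
```

The output is loaded as root with `iptables-restore`; the gateway layout also needs IP forwarding enabled (`net.ipv4.ip_forward=1`).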
    
