mlists at netcom.no
Sun Oct 7 09:06:54 PDT 2001
At 09:38 07.10.2001 -0400, you wrote:
>No firewall is a bad thing. Running a linux computer without a firewall
>is quite risky and will get u to be hacked quite fast if they do a few
>nmap scouts ip scouts.
I wouldn't say so. There are no services running on LFS by default, and
thus really no easy ways to enter...
>They find you, and notice no firewall, etc. You
>could be in trouble, and might have to totally redo your whole LFS, which
>would suck butty. What I would look into doing is use an iptables script
>that protects you. Also I would make sure not to run any stupid servers
>like telnet, rsh, rlogin, etc. They are dumb and cleartext. Also I would
>look to block your X-Windows ports as well, so that nobody can connect to
>your X-Windows server which auto runs when you startx.
I'd like to see someone who can discern my firewall from my
Telling whether a linux-system is a workstation/server or a firewall is
IPTables protection is a good idea though, and not running services that
use plaintext passwords, such as telnet and FTP.
My recommendation, considering you're on dialup with a non-critical system,
is simply to not run any unneeded services, and use secure versions of
those you *have* to run.
The probability of someone skilled trying to hack a system on a dialupline
is increasingly slim, and *if* that is to happen... Well... I guess it's
time to rebuild.
> > Good evening all,
> > I have been reading numerous articles lately on the Net about security.
> > I have to say that I am now more confused than before I started.
> > I run a single box, an home PC, no networking other than connecting to
> > the Internet via a modem. I have shadow password thingy installed (this
> > OS is LFS3.0). Should I take further measures? I accept that life is
> > full of risk, so I don't take the paranoid approach - apologies Jeff
> > Neitzel, I have read your excellent hint and implemented most of it.
> > It's just that I have reached the age where "C'est la vie" is often the
> > most appropriate response to life's glitches.
> > Despite this seeming unconcern, I would like to hear the opinions of
> > others on what level of security I should reasonably implement. Bear in
> > mind, this PC is a home jobby, nothing of importance is stored on it -
> > well nothing that can't be built or typed or downloaded again.
Phone: +47 99389004
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe blfs-support' in the subject header of the message
More information about the blfs-support