[wplug] Linux network security poll
Tom Rhodes
trhodes at FreeBSD.org
Sat Feb 9 18:22:12 EST 2008
On Sat, 9 Feb 2008 17:17:52 -0500
Zach <netrek at gmail.com> wrote:
> I need to get serious about security since I will be soon connected to
> the net almost 24x7 (barring a power outage etc.) so I was wondering
> if list members could explain their security setup (network
> configuration, DMZ, firewalls, IDS, logging, etc.). Also what would
> you recommend for someone like me who is still on an entry level in
> terms of my understanding of Linux and network security and what would
> recommend for later on down the road once I get more sophisticated? I
> run Debian lenny with a 2.6.18 kernel. I will be getting ADSL next
> week and plan on having a DSL modem/router doing NAT. I only have one
> machine now but plan on adding another one within the next 3 months or
> so.
Honestly, stop everything running that you don't need. If
you have on reason to listen on a port, close it. Either
by shutting the daemon down or using a firewall.
Security update. Use yum or aptget on some kind of regular
basis. I'm not sure if/how they handle security only updates,
but freebsd-update grabs the security patches and applies
them, nothing else.
Make sure you don't have any unused login accounts, use
good passwords, etc. etc. :)
--
Tom Rhodes
More information about the wplug
mailing list