[wplug] Linux network security poll
Bill Moran
wmoran at potentialtech.com
Sun Feb 10 10:09:43 EST 2008
Zach <netrek at gmail.com> wrote:
>
> I need to get serious about security since I will be soon connected to
> the net almost 24x7 (barring a power outage etc.) so I was wondering
> if list members could explain their security setup (network
> configuration, DMZ, firewalls, IDS, logging, etc.). Also what would
> you recommend for someone like me who is still on an entry level in
> terms of my understanding of Linux and network security and what would
> recommend for later on down the road once I get more sophisticated? I
> run Debian lenny with a 2.6.18 kernel. I will be getting ADSL next
> week and plan on having a DSL modem/router doing NAT. I only have one
> machine now but plan on adding another one within the next 3 months or
> so.
In addition to everything else that's been mentioned.
Samhain (or something similar, there are a few choices) will tell you if
you've done the job right or not. This is kind of the ultimate final
step if you _really_ want security. What Samhain does is profile your
entire system and tell you if anything changes that's not supposed to
change. It makes upgrades a bit more work because you have to tell
Samhain "it's OK, _I_ changed those things", but the advantage is
that you _know_ without reservation that there are no trojans or backdoors
installed.
--
Bill Moran
http://www.potentialtech.com
More information about the wplug
mailing list