> > I won't recomend this to anyone, unless the computer
> > is in a closed network
> > that harbours no malicious users.
> > Please don't disable your firewall w/o knowing why
> > you need to do that! This
> > is not something that you shud do if your computer
> > can have any kind of
> > internet access. Especially broadband and dialup
> > internet access w/o any
> > firewalls!
> >
> > Bye,
> > /\ |\/| |3 /\ r
> >
>
> Can you please show/explain the rules that you use to
> secure a Linux server on a broadband/dialup access?
Under Red Hat Linux 7.2. The default firewall rules for a locked down system
shud be good enough. If you wan't greater security, then i will suggest that
you do go thru the ipchains & firewall howtos. Those documents have very
detailed discussion about the various types of firewall rules that you can
have. I am remember telling this before, but please don't use any ready made
firewall scripts unless you understand exactly what that script does. And
even then, you will see that 99.999% of the scripts out there won't match
your unique firewalling requirements. Under linux, you do have a very
powerful firewall built in to the kernel, but I have seen that most people
configure their firewalls incorrectly. So please do go thru the howtos.
Those are excellent documents, and in case you do need some ready made
scripts, you will find some in them along with a good explanation of why
those scripts are made in a particullar way.
For someone who is using a linux machine to only access the internet,
and who does not need to have any servers on his machine accessible from
outside, the basic firewall rules shud just disallow any outside connections
to any of the secured tcp ports (port no <1024) and for any port that is
being used by a server. The red had stock firewall rules shud help you
getting this kind of a configuration!
Bye,
/\ |\/| |3 /\ r
PS: I might be repeating this, but everyone out there who are thinking abt a
firewall on linux shud read the ipchains and firewall howto. You might spend
some time, but they will be well spent!
================================================
To subscribe, send email to [EMAIL PROTECTED] with subscribe in subject header
To unsubscribe, send email to [EMAIL PROTECTED] with unsubscribe in subject header
Archives are available at http://www.mail-archive.com/ilugd%40wpaa.org
=================================================
