>I have a stand alone RHAT 6.0 machine at home. I recently setup Internet
>access on this machine and want to know how to keep it from being hacked.
>
>I added the line
>ALL: ALL
>to the hosts.deny file, and I added the line
>ALL: 127.0.0.1 127.0.0.0
>to the hosts.allow file.
>
>Is this sufficient for a standalone machine or do I need more security?
>Should I use IPCHAINS? If so, what should I set the chains to be? In
>considering chains, please remember that this is a standalone machine at my
>home.
Just remember that that will only work for tcp_wrapper'd services .. so some
ports would remain open to the world. (e.g. httpd, sendmail, smb...)
So, what you've done is a good start, but far from totally secure. You
should
definitely look into ipchains if you are serious about this.
I like this one for hosts.deny;
ALL : ALL : \
spawn ( \
/bin/echo -e "\n\
TCP Wrappers\: Connection Refused\n\
By\: $(uname -n)\n\
Process\: %d (pid %p)\n\
\n\
User\: %u\n\
Host\: %c\n\
Date\: $(date)\n\
" | /bin/mail -s "$(uname -n) wrappers\: %d refused for %c" \
root@localhost ) &
Since it will generate an email when attempts are made .. just so you are
aware of them.
Just remember, the best way to avoid being attacked in the first place is
to stay well away from EFNet IRC servers :)
Regards,
--
Iain Wade - Optus Internet
Email: [EMAIL PROTECTED]
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
