On Wed, Apr 21, 2010 at 12:29 AM, John Stevenson <j...@jr0cket.com> wrote:
> > Am I wrong in thinking this post is really a warning about not setting you > router up securely? > > If you are unable to control the router or the IP address your Ubuntu box > is assigned, then you can always run a firewall and/or AppAmor on you Ubuntu > box. > For those wanting a graphical interface for IPTables, you can use Firestarter (available in the repos). It's a nice interface that covers most functions. From the command line Ubuntu has ufw - the uncomplicated firewall, which is effectively an easy method to configure basic firewalling (eg. ufw allow ssh) I can't emphasise enough how important it is to secure the perimeter device effectively though. If outbound filtering is enabled and services are only enabled on requirement, we'd see a drop in viruses, worms, spam and other nasties. Think back to the "Slammer worm" ( http://en.wikipedia.org/wiki/SQL_Slammer) which compromised windows boxes at a rapid rate, but could not have propagated anywhere near as fast if outbound firewalling was enabled. The same goes for IRC controlled botnets - if you restrict outbound IRC traffic from only the machines that you use IRC on, then the infected machines cannot be controlled. The majority of spam comes from hijacked PC's - if your perimeter device only allows the mail server on your network outbound access on port 25, then spam cannot be sent from a compromised desktop. Furthermore, logging on the perimeter device can also be used to identify threats from within the network (if you see a blocked IRC or SMTP traffic it gives cause for investigation). I hope this gives a little food for though.... Paul
-- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
