Sorry if I appear complacent below but remember I'm running Woody with
dynamic IP addressing.  A cracker would need to be very fast and up to date.
Or to have been watching Swordfish in which case he'd have to find someone
to hold a gun to his head and provide a blonde to give him a blowjob.

Actually, there's probably quite a few people who would take up cracking
just for the blowjob!

| nope... the box is NOT secure...never is...
|
| just depends on who the attacker is...if they wanna get in..they will

They won't.  I've never had an intrusion on a public facing box.  Even the
old ipfwadm rules on Slink make it impossible to get in.  It's important to
remember that a server that's hacked twice gets taken offline and formatted.
If it happens to a few boxes, the OS goes out of fashion.  Linux is actually
very hard to attack from outside the firewall.  Most serious hits come from
employees.

| there is no point nowadays to be running discard, daytime, time

Damned if I know why they are there.  Sometimes Linux seems swamped in
cruft.  But when I cut it away, sometimes things break :-(
|
| no reason to run netbios-ssn unless it's a samba server that
| requires/allows winXX users to write data to this machine

It is.  My kids use it to store games.  And I know security conscious folk
hate this.  But samba is bullet-proof.  I've never heard of an exploit that
can get past eth0 if samba is restricted to eth1, or ppp0 if samba is
restricted to eth0.  These bindings do work.
|
| ssh is being attacked/exploited on a regular basis

Is OpenSSH capable of being taken down from outside the firewall?  ssh is
the main reason I like Linux. In my last house, I had ADSL and no Linux
drivers.  I worked in the top floor with the server in the garage.  I got
heartily sick of having to traipse down the stairs to open and close the
connection every time the DSL network went funny.  I yearned for ssh.  Sad
or what?  Luckily now I have Linux I can return to normality and yearn for
Cameron Diaz.

| smtp is notorious for exploits...

Um.  No it isn't.  It's notorious for being left open.  Even old sendmail
hasn't had a serious exploit in years, let alone exim.  Actually, has exim
ever been used to take down a server from outside the firewall?

| http is being attacked/exploited regularly...

Last apache exploit with root access was over 3 years ago.  Perhaps it can
be used as a trojan but I'm not prepared to worry about that.

| printer is attacked regularly...

Oh.  Is there a way to bind printer to an interface?

|
| so far...all the ports you have open are those for which exploits already
| exist.....
| - run the exploits and see if it gave a reg user root access

That's a bit time consuming.  I could pull Cameron Diaz in the length of
time that would take...and it should be less frustrating!

What's the general opinion on Port Sentry?  It stops nmap on the remote host
I was using but I hadn't bothered to use stealth.
