On Tue, Jan 07, 2003 at 07:54:55PM -0600, Timothy Bolz wrote:
> I had a person who is a Cisco certified network guy tell me unix boxes are
> easier to get into than windows.
That's a question with a lot of "It depend if ..."s.
> He's very knowledgeable and says he's one
> of 5000 certified in the world. I don't know if he's worked in Linux or not.
> My box at work is a Debian GNU/Linux box and he knows the ip address of it.
> He said a hacker could gain access to it if they know the ip address. I said
> I have ipchains installed. My question is that enought or do I have to close
> down the ports too. He thinks someone could gain access to my box even
> though I'm running Linux with ipchains. He ruffled my feathers and I don't
> like it, especially when I don't know how to respond to someone who might
> know.
He's probably just trying to "show off" or something, but one never
knows.
> What I'm saying is my box is on a private network 192.168.x.x which
> other people on that network who I don't know get on. What can I do to
> protect my box besides turning it off at night or unplugging it from the
> network.
stay on top of security updates
don't provide access you don't need to
run 'netstat -an' to see what ports are listening to outside
connections
you already have ipchains, just make sure it's doing what you want
if you need to have services running, lock them down to only give
needed access in their configuration or perhaps tcpwrappers
(/etc/hosts.{allow,deny})
--
<[EMAIL PROTECTED]>
_______________________________________________
Eug-LUG mailing list
[EMAIL PROTECTED]
http://mailman.efn.org/cgi-bin/listinfo/eug-lug
