On Friday 10 January 2003 04:15 pm, Lorne wrote: > On Friday 10 January 2003 12:58 am, Ken Hawkins wrote: <SNIP A WHOLE LOT OUT>
> > I have run this against some online security test sites, and they have > > all never been able to get more from my computer behind the firewall than > > my browser version. It leaves a FEW things open by default, but those are > > easily corrected. > > > > Ken Hawkins > > ***ALERT*** > > I've run coyote-linux for 5 years now and have NEVER been hacked. That is > until September of 2002. I spoke with the author and he felt his system was > secure and it couldn't have been his LRP based firewall that broke down. I > DID have port 21 forwarded, so assumed it was the inside box that got > compromised via port 21. I took the inside box off line, totally built it > from scratch, hardened all boxes and made sure I had a secure intranet. I > then brought the firewall back up. Within a month someone was poking around > inside my intranet again. Now it seems that it takes about 48 hours for > them to get back in. So I've been rebooting it every night until I can get > my MNF box up. I believe there is some buffer overflow or other > vulnerability that hasn't been identified yet with the LRP firewall system. > So just a warning, don't trust it too much. :) OR: "Sure I'm paranoid...but am I paranoid enough?" Sorry, didn't mean to imply that I was invulnerable...just that it was a cheap & easy solution to be MUCH more secure that most people out there. Remember that there are millions of users out there still with windblows machines plugged straight into their DSL/Cable modems with NO firewalls. When you say they were "poking around", had they been able to install s/w, read documents, change configs? Or was it just port scanning, "rattling the doorknobs" so to speak? Ken
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
