On Friday 10 January 2003 01:31 am, Ken Hawkins wrote:
> On Friday 10 January 2003 04:15 pm, Lorne wrote:
> > On Friday 10 January 2003 12:58 am, Ken Hawkins wrote:
>
> <SNIP A WHOLE LOT OUT>
>
> > > I have run this against some online security test sites, and they have
> > > all never been able to get more from my computer behind the firewall
> > > than my browser version. It leaves a FEW things open by default, but
> > > those are easily corrected.
> > >
> > > Ken Hawkins
> >
> > ***ALERT***
> >
> > I've run coyote-linux for 5 years now and have NEVER been hacked. That is
> > until September of 2002. I spoke with the author and he felt his system
> > was secure and it couldn't have been his LRP based firewall that broke
> > down. I DID have port 21 forwarded, so assumed it was the inside box that
> > got compromised via port 21. I took the inside box off line, totally
> > built it from scratch, hardened all boxes and made sure I had a secure
> > intranet. I then brought the firewall back up. Within a month someone was
> > poking around inside my intranet again. Now it seems that it takes about
> > 48 hours for them to get back in. So I've been rebooting it every night
> > until I can get my MNF box up. I believe there is some buffer overflow or
> > other vulnerability that hasn't been identified yet with the LRP firewall
> > system. So just a warning, don't trust it too much. :)
>
> OR:
> "Sure I'm paranoid...but am I paranoid enough?"
>
> Sorry, didn't mean to imply that I was invulnerable...just that it was a
> cheap & easy solution to be MUCH more secure than most people out there.
> Remember that there are millions of users out there still with windblows
> machines plugged straight into their DSL/Cable modems with NO firewalls.
>
Damned scary isn't it!? No need to apologize. :)

> When you say they were "poking around", had they been able to install s/w,
> read documents, change configs? Or was it just port scanning, "rattling the
> doorknobs" so to speak?
>
They had made it past my firewall and were rattling the door knobs on IP 
addresses beyond the firewall. So basically they had breached the moat and 
were trying doors in the castle. Scary and obviously the firewall is 
compromised when they do this. 

> Ken

