Hi Bernd,
Ok - you're asking the questions. That's the first step.
Unfortunately, there's an awful lot of steps to what you ask.
The best way for you to protect your website is to know what crackers
are going to use against you, and protect your system accordingly. You
don't mention how long you've been using Linux, but the way the question
is phrased, I'd assume that it's not that long. To start, you're going
to have to learn about security.
Two books you might look into:
"Firewalls and Interet Security - Repelling the Wily Hacker"
William R. Cheswick and Steven M. Bellovin
Addison-Wesley, 1994, ISBN 0-201-63357-4
"Actually Useful Internet Security Techniques"
Larry J. Hughes Jr.
New Riders, 1995, ISBN 1 56205-508-9
Yes, these are both a bit dated - this is ok, as they cover the basics
of internet security from the perspective of the system administrator.
Much has changed in the last few years, but TCP/IP and basic services
really haven't changed that much. I'm going to go out on a limb and
assume that you've got a dedicated link to the internet, and that you're
using the Linux machine(s) to route and provide network services. Check
the Linux Security FAQ
(http://linux-howto.com/LDP/HOWTO/Security-HOWTO.html) and print it
off. Read it cover to cover - put it in the bathroom if necessary.
Start by securing the Linux machine(s), bringing security up to an
acceptable level - then, after you've had the experience and have a
basic understanding, try building a firewall. If you're new to the
scene, the firewall will be a very taxing process, testing the limits of
your knowledge of TCP/IP networking.
There are two extremely critical steps to internet security; the first
is READ. Read EVERYTHING. Subscribe to Bugtraq
(http://www.securityfocus.com). Subscribe to SysAdmin magazing
(http://www.samag.com). Read papers on security sites. Read source
code on cracker sites. Read anything and everything even vaguely
related to security.
The second is UNDERSTAND. Reading everything is the first step, but if
you're reading a long document, and the last two pages looked greek to
you, go back. Read them again until you understand them.
Keep in mind that the more you know about security, the more valuable
you are to your company. To paraphrase SysAdmin magazine, "Systems
security has a value that compares surprisingly against the gross profit
of the company...".
Finally, keep in mind that there is NO SUCH THING AS A FREE LUNCH.
Buying an out-of-the-box fix will help you short term, but is NOT a
solution. Hiring an expensive consultant is another fix, and this tends
to work better, but if you want it done right, do it yourself. The more
you know, the better your network security will be.
Cheers,
- Drew.
Bernd Hofmann wrote:
>
> what do you suggest as a good way to protect a very small (2-5 computers) network
>(linux und windows 98) from hacking? it shouldn�t cost the world but be sufficient.
>
> another question: what do i have to do to protect a web-site of being hacked?
>
> thanks for any suggestions!
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
