On Tuesday 01 July 2003 15:58, Mycroft wrote: > [snip] > This box is my networked workstation at home, and i > don't have open server ports. I'm merely dealing with a number of script > kiddies that think scanning and DOSing people they meet on IRC channels > makes them all-powerful. [snip] > however I would like to hear > your opinion about your choice of firewall/IDS for a home user, if you are > already nailing me to the stake :)
This is getting a bit off-topic for this mailing list, and while I do have an opinion about a firewall/IDS choice that doesn't mean by favorite tool/product is what you need. I was merely trying to strengthen Tzafrir's point about the hazards of a self-made active IDS. Collect the tips that were thrown by Shachar, Josh and Nadav, and make your own decision on whether you want a razorsharp IDS, a strong firewall or just make sure you have no open ports and patch your system agains the DoS attacks (and if there is no patch available post it as a security bug on the relevant product's bug tracking system). However, what I *would* like to comment about, is the following, very dangerous and too-frequently heard, way of thinking: > Well I'm not securing a corporate web server here, most probably if i were, > I'd choose other means of security responce. Any job worth doing is worth doing well. If you don't want to secure your box, then stop wasting our time. If you are, then we're all very glad to help you do it (see how many responses you've received!) but then you have to be serious about it, and not tell yourself that it's ok to do a half-way job because it's not a "corporate server". Don't take it personally Michael - the above is directed at all of those that were told by so called experts something along the lines of "there is no 100% security anyway". This is like telling a programmer it's not very important to fix bugs because "there is no 100% bug free software anyway". -- - Aviram ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
