On Fri, 2003-08-22 at 10:27, Keith wrote: > Firewalls are your friend. These days they are so cheap, even for home > use, that there is no reason not to have one. It is in your best > interest to have one, set up an inbound default policy of DENY for at > least all priveledged ports and only open up those that you absolutely > need. Then, if you get hacked, it would be easier to determine the > vulnerable service.
If you use Red Hat Linux, it will give you an option to setup a "firewall" during installation or you can use the firewall configuration tool later to enable it to block ports. > > I like RH but they have a habbit of enabling nearly every service by > default. Eh? This has not been true for years now. > 98% of the time there is no need for this. Another good > practice is, after installing and before plugging the cat5 into your > NIC, run through your default runlevel's rc directory and turn all > unnecessary services off with chkconfig. Issue a > > bash$ chkconfig --list | grep :on Total agreement with using chkconfig to see your automatically started services and disable things which you don't need. Warren