Along with Pmfirewall you should also configure portsentry to watch for port scans. Pmfirewall, using Ipchains, is a wonderful first step, but a single layered security scheme isn't much security at all. I wouldn't use anything less then two layers and thats cutting things down to bare bones. these days, when it comes to keep your machine secure from unwanted visitors redundency is the way. While its true that you can only go so far on a single home machine it never hurts to go as far as you can. I've setup a simple SMTP/FTP/HTTP server at work that I use for certain interesting tasks and amusement. In the first week it was up someone breached the box, (my fault cause I left port 23, telnet, open) was rooted and planted. I got lucky this time cause I saw the evidence of the incurrsion, found their droppings and got rid of them. you can be sure I got firewall configured properly AND installed and configured portsentry which has been on duty since without a single lapse in security since. I will tell you that the hosts.deny file continues to grow daily since these guys just don't take no for an answer and they're still trying to gain access. their ip numbers are all over my firewall logs and portsentry continues to log their scans and enter their ip addresses in the hosts.deny file so that it remembers them. for an older RedHat machine running on an i486 P1-133 I'm very impressed with what these two programs can do on their own to protect both machine and the data contained on that machine - not to mention the network behind the machine. -- Mark ***** "what knowledge I have managed to accumlate over the years at times becomes obscured and even hidden amidst the vast emotional onslaught of my children. You never finish being a parent. :)" On Mon, 23 Apr 2001, s wrote: > pmfirewall should do you just fine. You will need to add some things to it > as you find ports left open here and there, but basically it's a good start. > -s > > On Sat, 21 Apr 2001, you wrote: > > Hi All: > > I am using ML 7.2 for a home desktop system. I only browse the internet > > using a 56K modem. How much internet security do I need? Do I need > > ipchains or whatever? I am only on the internet 3 to 4 hours a day. I > > have ML set to medium security!! Thanks > > Charles >
