RE: [plug] OT: Firewall Policy Rules

[Michael Vincent K. Pozon - CompE]

i think your system is secured enough except for your remote
administration using the old telnet. You can use SSH for packet encryption
and stuffs. ;)


On Thu, 23 Mar 2000, Ronneil Camara wrote:

> I'm running ipchains on a dual homed linux server. I'm using trinity's
> ipchain rules. I asked this question because I've read an article that
> packet filtering isn't good. We know for a fact that stateful inspection is
> really good. And right now, project is still being develop for stateful
> inspection.
> 
> my setup:
> eth0 - internal interface
> eth1 - external interface
> ip spoofing enabled, 
> patched redhat 6.1
> and I've only allowed a specific network to telnet in coming from the
> external interface.
> inetd.conf already edited with minimal running services.
> hosts.allow and hosts.deny already edited with ALL:ALL in hosts.deny
> securetty also edited
> no anonymous logins
> and removed some r_x permissions for world in executables
> 
> Is this secure enough?
> 
> -
> Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
> 

--
m  i  c  h  a  e  l   v  i  n  c  e  n  t   p  o  z  o  n
          ::  [EMAIL PROTECTED]  ::
---------------------------------------------------------------
HPS Software & Communication Corp.     ICQ : 1413343
Pilipino Internet Cebu              office : (+63)(32) 3447847
Systems/Network Administrator       home   : (+63)(32) 3446427
- - - - - - - - - - - - - - - - - - cell   : (+63) 917-3276966
 - - - - - - - - - - - - - - - - -  http://mikevince.tripod.com


-
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]