RE: [plug] OT: Firewall Policy Rules

Thu, 23 Mar 2000 00:22:11 -0800 

problem is, i am allowing a telnet session to an sco server inside our
network from the outside using ipmasqadm. I've read an article that
ipmasqadm opens up a security hole. ano kaya ang magandang gawin sa ganitong
setup?

> -----Original Message-----
> From: Michael Vincent K. Pozon - CompE
> [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, March 23, 2000 4:32 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: [plug] OT: Firewall Policy Rules
> 
> 
> 
> i think your system is secured enough except for your remote
> administration using the old telnet. You can use SSH for 
> packet encryption
> and stuffs. ;)
> 
> 
> On Thu, 23 Mar 2000, Ronneil Camara wrote:
> 
> > I'm running ipchains on a dual homed linux server. I'm 
> using trinity's
> > ipchain rules. I asked this question because I've read an 
> article that
> > packet filtering isn't good. We know for a fact that 
> stateful inspection is
> > really good. And right now, project is still being develop 
> for stateful
> > inspection.
> > 
> > my setup:
> > eth0 - internal interface
> > eth1 - external interface
> > ip spoofing enabled, 
> > patched redhat 6.1
> > and I've only allowed a specific network to telnet in 
> coming from the
> > external interface.
> > inetd.conf already edited with minimal running services.
> > hosts.allow and hosts.deny already edited with ALL:ALL in hosts.deny
> > securetty also edited
> > no anonymous logins
> > and removed some r_x permissions for world in executables
> > 
> > Is this secure enough?
> > 
> > -
> > Philippine Linux Users Group. Web site and archives at 
http://plug.linux.org.ph
> To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
> 

--
m  i  c  h  a  e  l   v  i  n  c  e  n  t   p  o  z  o  n
          ::  [EMAIL PROTECTED]  ::
---------------------------------------------------------------
HPS Software & Communication Corp.     ICQ : 1413343
Pilipino Internet Cebu              office : (+63)(32) 3447847
Systems/Network Administrator       home   : (+63)(32) 3446427
- - - - - - - - - - - - - - - - - - cell   : (+63) 917-3276966
 - - - - - - - - - - - - - - - - -  http://mikevince.tripod.com


-
Philippine Linux Users Group. Web site and archives at
http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]

-
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]

Reply via email to