> Hi all. Finally found a reason to post after half lurking on the list.....
> =P
>
> Can anyone suggest to install and where I can learn about how to run it....
> A friend of mine suggested TCP Wrappers and Tripwire..... But I was wondering
> if there were other things also I should look into......
>
> I'm going to use PPPoE to connect to the net..... And even on my win box
> using Zone Alarm I get people randomly scanning ports and stuff.... Is
> there something I can build on the Linux box that will keep me alerted about
> stuff like that? What would be a good only source to learn about that stuff?
>
> a friend of mine suggested ipfwadm. what's the opinion on that?

Been obsolete since the introduction of 2.2 kernels.

> oh I'm running RedHat 7.0 and I installed all the RPM updates from the

I would apply all RHL 7 updates, and migrate to a 2.4 kernel (because if I
didn't do it now, I'd be doing it with my next RHL upgrade).

I would then configure iptables (ipchains if you choose to stay with 2.2
kernels for the moment) to block ports I didn't want to expose to the world.

Take a look at the services you are running, ask yourself which ones you want
to expose to us.

You will need to expose some - domain for example to allow YOU to do DNS
lookups, but you can run BIND and configure it to refer only to your IPA's
DNSs.
ntp or similar if you want to set your clock.
sendmail maybe.

Tripwire (and it's some time since I looked at it) is a tool for intrusion
detection. It can look for modified/replaced (new I'm not so sure about) files
at regular intervals.

Read up on it; I suspect that if you create new/updated programs as often as I
do it may prove more of a nuisance. I expect it would be more useful on a
machine used strictly as a server, where software updates are less frequent and
more controlled.

There are more extreme measures to prevent people from installing programs on
your system - it's hard, for example, to write on ro devices, or to run
programs from filesystems mounted noexec, but those are more complicated to
set up, cost more money and make the system less convenient to use.

I think most people will find that iptables/ipchains provide enough insurance.

--
Cheers
John Summerfield
http://www2.ami.com.au/ for OS/2 & linux information.
Configuration, networking, combined IBM ftpsites index.
Microsoft's most solid OS: http://www.geocities.com/rcwoolley/
Note: mail delivered to me is deemed to be intended for me, for my disposition.
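
Added example, not part of the message above and not its author's own configuration: a shell function that prints a default-deny ruleset in iptables-restore format for the "block ports I didn't want to expose" step on a 2.4 kernel. The interface name ppp0, the exposed service 25/tcp, the log prefix and the function name gen_ruleset are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for a single host.
# Assumed names: ppp0 as the PPPoE interface, 25/tcp as the one service
# chosen for exposure. Review the output before loading it as root.

# usage: gen_ruleset IFACE [PORT/PROTO ...]
gen_ruleset() {
    iface=$1
    [ -n "$iface" ] || { echo "usage: gen_ruleset IFACE [PORT/PROTO ...]" >&2; return 1; }
    shift
    # Validate every service before printing anything, so a typo never
    # yields a partial ruleset.
    for svc in "$@"; do
        port=${svc%/*} proto=${svc#*/}
        case $proto in
            tcp|udp) ;;
            *) echo "bad protocol in '$svc'" >&2; return 1 ;;
        esac
        case $port in
            ''|*[!0-9]*|??????*) echo "bad port in '$svc'" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range in '$svc'" >&2; return 1
        fi
    done
    # Inbound policy is DROP. Replies to traffic this host started (DNS
    # lookups, NTP queries) are matched by the ESTABLISHED,RELATED rule.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
    # One ACCEPT rule per service deliberately exposed to the outside.
    for svc in "$@"; do
        port=${svc%/*} proto=${svc#*/}
        printf '%s\n' "-A INPUT -i $iface -p $proto -m $proto --dport $port -m state --state NEW -j ACCEPT"
    done
    # Everything else from outside is logged at a limited rate, then
    # dropped by the chain policy; the log lines record port scans.
    cat <<EOF
-A INPUT -i $iface -m limit --limit 6/min -j LOG --log-prefix "inbound-drop: "
COMMIT
EOF
}

gen_ruleset ppp0 25/tcp
```

The printed text is meant to be saved to a file, reviewed, and then fed to iptables-restore; the logged drops show up in the kernel log.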