[EMAIL PROTECTED] wrote: > i found out that my grep utility was corrupted the size being reduced > which is a clear sign that the pc was attacked. > > Now i would appreciate if you could just let me know how it could be > hacked or if i needed to block any other port apart from the above. > > or do i need to have any IDS OR IPS detection system in addtion to the > firewall software.
Your biggest failing is that you have not kept your server (and firewall) updated with software that has regular security updates (neither Red Hat 8 or Red Hat 9 are supported any more). Running a firewall with correct firewall rules is absolutely no guarantee against getting hacked. That is why we always recommend that your internet-accessible servers be placed on a LAN segment by themselves. That way, when one of them gets hacked, the hacker doesn't have unrestricted access to your other internal systems. A firewall is only one component of a total security strategy. Equally important components of that strategy are: a) Keep your internet-accessible servers at current release levels with the most current security updates. b) Keep your anti-virus software up to date. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
