On Wed, Oct 20, 1999 at 10:31:32AM -0500, Justin Georgeson wrote:
| I've seen many people say how important it is to us ipchains and various
| other security packages when on RR. I've installed portsentry and
| tripwire, I'm still looking over the Tripwire docks to figure out how to
| put it to good use.
tripwire is good, but it's a bit more work than most people are
willing to go to for their home box. That, and it doesn't actually
keep people out - it just helps tell when they've been in and what
they've been missing with.
I'm not familiar with portsentry, but if all it does is detect
portscans, then it's pretty useless. Your box is going to be scanned
repeatedly, get used to it. Knowing or not knowing about it isn't
really going to make much of a difference.
| But my only experience with ipchains was to set up a
| machine that could only be reach from computers on the local network.
| That was easy. Does anyone have any recommendations on what to do in
| this situation?
That question has been answered here and in the RR newsgroups multiple
times. It doesn't really matter if you've got RR, ADSL, a dorm
ethernet connection or a dialup modem - what you should do is about
the same. Basically the answers boil down to 1) keep up to date on
patches for your distribution 2) disable services you don't need 3)
use ssh instead of ftp/telnet and 4) set up some firewalling for the
services you can't disable.
| Also, are there any kernel tweaks and such to improve
| RR's performance, so far I'm not that impressed. I've yet to break 100
| KB/s any time of day. =< TIA.
Linux doesn't need tweaks. I regularly get 3000 kbyte/s ftp's between
various boxes at home (100mbit network.) Over RR, I regularly get
speeds just below the caps - 250 kbytes/s download and 48 kbytes/s
upload.
I'd imagine that even a 386 linux box with a 8bit wd8003 ethernet card
could handle 250 kbytes/s of ethernet traffic - so my guess is that
you're just going to slow sites.
--
Doug McLaren, [EMAIL PROTECTED]
---------------------------------------------------------------------------
Send administrative requests to [EMAIL PROTECTED]
