[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 20 June 2002 10:23 pm, Ian P. Christian wrote:
apt-get install iptables and http://monmotha.mplug.org/firewall/index.php.
personally i use: apt-get install iptables .. create your iptables rules ... /etc/init.d/iptables save_active and it wil lsave and restore on reboot.
But come on, be serious folks. No cracker will be interested in a dial up system. It would take too long to check it if you have anything worth looking at. For a machine you keep on all the time on DSL, well thats a different story.I had a dialup machine rooted twice, and that was *after* securing.
like simon said (no pun intended!), nearly all hacks are automated, so it makes no difference really. once a box is compromised (even via a user account), it can be used to launch dos attacks. most dDoS attacks launched on ISP's are from 56k dial-up accounts, a few thosand windows boxes all sending stupid packets at a router can do all sorts of wonders for lag ;p
For the sake of people editing /etc/inetd.conf, I really think people should spend atleast 10 minutes turning services off.
the *very* first thign i do on a debian box is: update-rc.d -f portmap remove update-rc.d -f inetd remove i don't like inetd, for some odd reason. it's a personal thing, It just doesn't seem natural :p portmap is a very very silly thign to leave open to the internet. my firewall has all ports short of ssh and imap closed. ~ Theo - -- Theo Zourzouvillys http://zozo.org.uk/ Today is the tomorrow you worried about yesterday. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9EnT7448CrwpTn6YRAiZWAJ0a86w5V8olwN9EKYFUNYuGRC4UjgCguwec meGra+TsANsy4ffshTRMGVs= =7Jix -----END PGP SIGNATURE----- -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.