Firewall Wizards mailing list archives

Re: Securing a Linux Firewall


From: Brian Hatch <firewall-wizards () ifokr org>
Date: Tue, 23 Jul 2002 08:55:49 -0700



I have a computer set up for exclusive use as a gateway/firewall running
IPChains.  I would like to know if I can safely shut down the rpc.statd
service.  According to the man page, "It is used by the NFS file locking
service, rpc.lockd, to implement lock recovery when the NFS server machine
crashes and reboots."  Since I am not using NFS (or at least I believe I am
not; the firewall is the only *nix computer on the network, and isn't used
for file sharing) can I safely turn this off?  I have read that turning off
unneeded services is needed to secure a Linux box, which is doubly a concern
with a firewall.

Can?  Yes.  Should?  Definitely.  Post-haste.  Shut
it and everything else down.  When you're done, you
should have no network services except SSH available
(both TCP and UDP - check both).  And even SSH should
be allowed (via your ipchains rules) only from a
few administrative hosts.

However you may find using a 2.4 kernel will offer you a
much more robust firewall/filtering mechanism using
iptables (netfilter) instead of ipchains.

--
Brian Hatch                  FATAL ERROR:
   Systems and                x86 architecture found.
   Security Engineer
www.hackinglinuxexposed.com

Every message PGP signed
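
An added example, not part of the original message: one way to run the "check both TCP and UDP" step is to read the kernel's socket tables and flag every listener other than SSH. The sample tables are constructed, and the decoder assumes IPv4 and a little-endian (x86) host; `/proc/net/tcp6` and `/proc/net/udp6` are not covered.

```python
import socket
import struct

# Constructed sample tables in /proc/net/tcp and /proc/net/udp layout (not from a real host).
HDR = "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
TAIL = " 00000000:00000000 00:00000000 00000000     0        0 1000\n"
SAMPLE_TCP = HDR + "".join(row + TAIL for row in (
    "   0: 00000000:0016 00000000:0000 0A",   # 0.0.0.0:22   LISTEN (sshd)
    "   1: 00000000:006F 00000000:0000 0A",   # 0.0.0.0:111  LISTEN (portmapper)
    "   2: 0100007F:0019 00000000:0000 0A",   # 127.0.0.1:25 LISTEN
    "   3: 0100000A:0016 0500000A:0401 01",   # established SSH session, not a listener
))
SAMPLE_UDP = HDR + "".join(row + TAIL for row in (
    "   0: 00000000:006F 00000000:0000 07",   # 0.0.0.0:111 bound (portmapper)
    "   1: 00000000:0323 00000000:0000 07",   # 0.0.0.0:803 bound (an RPC service)
))

TCP_LISTEN = 0x0A   # state column value for a listening TCP socket
UDP_BOUND = 0x07    # unconnected (bound) UDP sockets are shown with state 07
ALLOWED = frozenset({("tcp", 22)})  # the only service the advice above permits


def parse_listeners(table, proto):
    """Return (proto, address, port) for each listening/bound socket in a table."""
    want = TCP_LISTEN if proto == "tcp" else UDP_BOUND
    found = []
    for line in table.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 4 or int(fields[3], 16) != want:
            continue
        addr_hex, port_hex = fields[1].split(":")
        # Assumption: little-endian host, so the hex word is byte-swapped.
        addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
        found.append((proto, addr, int(port_hex, 16)))
    return found


def audit(tcp_table, udp_table, allowed=ALLOWED):
    """Return every listener whose (proto, port) is not explicitly allowed."""
    listeners = parse_listeners(tcp_table, "tcp") + parse_listeners(udp_table, "udp")
    return [l for l in listeners if (l[0], l[2]) not in allowed]


if __name__ == "__main__":
    # On a live host, pass open("/proc/net/tcp").read() and open("/proc/net/udp").read().
    for proto, addr, port in audit(SAMPLE_TCP, SAMPLE_UDP):
        print(f"unexpected {proto} listener on {addr}:{port}")
```

An empty result is the target state; anything listed is a service to shut down.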
