Vulnerability Development mailing list archives
Re: Securing of systems....
From: Ryan Yagatich <ryagatich () CSN1 COM>
Date: Tue, 1 Aug 2000 10:22:33 -0400
<snip>
There are program specific (ipchains-HOWTO) but they give you the
indepth of it all.. well, ipchains is probably the best thing to use after you have closed all unused ports. this can be used to filter out unwanted traffic from the internet to your local machines. say for instance you have 1 box that is the gateway for your gaming machines ip of 206.103.246.1(10.1.1.1) for example. and your game servers reside on your internal network of 10.1.1.2/24 you can use ipchains to forward the ports from 206.103.246.1 to 10.1.1.2/24. I primarily use ipchains because of it's control and discourage not using it.
I'm sort of looking for a document that covers it at a
higher level. well, to start, you might want to consider taking your box and getting rid of all services you don't need (like inetd for example) using ipchains, or another firewall (listed below are some examples). and then the most important part is to make sure you have removed the "hacker tools" like telnet, compiling software, etc... this way if someone were to telnet to your box, they would not be able to telnet or hit any of your other machines. firewall examples: http://www.linuxfw.org <-- Linux Security - The community's center for security http://www.fwtk.org <-- The Linux Firewall Toolkit http://www.webmin.com <-- A powerful web-based firewall administration (frontend to ipchains) from your web-browser. These are just a few examples and i hope the explanations gave you a general idea. i, as well as others, would need a bit more input on your exact setup to justify the use of particular scripts. hope this helps, ryan
Current thread:
- Securing of systems.... Snehal Dasari (Aug 01)
- Re: Securing of systems.... Robert A. Seace (Aug 02)
- Re: Securing of systems.... Ryan Yagatich (Aug 02)
- Re: Securing of systems.... Taneli Huuskonen (Aug 03)
- Re: Securing of systems.... vamp (Aug 02)
- Re: Securing of systems.... Crispin Cowan (Aug 02)
- Re: Securing of systems.... Robert D. (Aug 02)
- <Possible follow-ups>
- Re: Securing of systems.... Brooke, O'neil (EXP) (Aug 02)
- Re: Securing of systems.... J. Oquendo (Aug 02)
- Re: Securing of systems.... jason (Aug 02)
- Re: Securing of systems.... Dunker, Noah (Aug 05)
- Re: Securing of systems.... roman (Aug 18)