[NTLUG:Discuss] Firewall Advice?
Rick Moncello
rmoncello at attbi.com
Mon Sep 9 14:01:42 CDT 2002
>
> I recently got cable modem for the very first time.
> I run SUSE 8.0 with personal firewall enabled. I'd like
> some advice on whether this should be sufficient to
> prevent hack attempts, or should I use a different
> firewall? What should I watch for to see if I'm being
> scanned, hacked, etc? I'm green about such things.
>
The first thing you should do is turn off all services which you do not
need: ftpd, telnetd, nntpd, etc.
What I also do is setup the hosts.allow/hosts.deny files to deny from all by
default, than add in addresses that I want to be able to hit my box.
Also make sure that system logging is on and check /var/log/messages,
/var/log/secure, /var/log/httpd/access_log (as per my RedHat 7.3 system)
everyday. Checking, and reading, roots mail is also important.
My final recommendation (that I can think of now) is to make sure that you
stay on top of any security updates for your system, and the software
installed.
It's a start. :)
Rick.
More information about the Discuss
mailing list