security beginner asking for assistance
Being new to suse linux may I ask a few questions about suse security? I'm using suse 7.1 Pro and am confused about the firewall. Is there a difference in suse personal firewall and suse packet filter firewall? If different are they mutually exclusive or can they be run simultaneously. whan I boot suse personal firewall says "active" and if I turn on packet filter firewall in rc.config the boot message shows it failed. Does suse firewall use ip chains? What services in suse linux 7.1 are known to have security bugs. I shut down everything except httpd in inetd.conf Are there any file protection settings shipped in the distribution that needed to be changed? Anything else that is security vunerable? Can the ip number assigned to an email address give a path through ones firewall to break in? Thankyou, Jeff Barnes
On Friday 17 August 2001 19:07, Jeff Barnes wrote:
Being new to suse linux may I ask a few questions about suse security? [snip] Thankyou, Jeff Barnes
Does suse firewall use ip chains? For kernel 2.2, yes (these also work on 2.4) - I think the 2.4-specific
Hi, http://www.susesecurity.com -> click on the link to the FAQ http://www.suse.de/~marc/SuSE.html -> new firewall scripts, hardensuse script, etc. http://www.suse.de/security -> security related updates (you should install them if there are any packages you are using). Look into /etc/hosts.allow and /etc/hosts.deny using ALL : ALL in hosts.deny and fix later if needed. script collection uses iptables but I am not sure (I'm sure someone who actually knows will post :) Also, you need to configure the firewall script in /etc/rc.config.d/firewall.rc.config or you will not get much protection (if you are using a modem, set FW_DEV_WORLD="ppp0" in this file). Try "netstat -ap" -> look for open ports See /etc/services to see what is what. Then work on closing ones you don't want. Also, remove packages you don't need. John
On Friday 17 August 2001 19:24, John Pinder wrote:
Look into /etc/hosts.allow and /etc/hosts.deny using ALL : ALL in hosts.deny and fix later if needed.
use : ALL : ALL EXCEPT LOCAL in /etc/hosts.deny Sorry - I need sleep :) John
participants (2)
-
Jeff Barnes
-
John Pinder