2 Jun
2003
2 Jun
'03
18:45
My desktop Linux system (Suse 8.1) is connected to a DSL line with a fixed IP address. What is the best way to protect my system from intrusion? Would it be the SuseFirewall? What about Snort? Is Snort basically a reporting tool or can it too be used to block intruders?
As I understand it, snort is a reporting tool to detect intrusions, but not to actually prevent/block them. You will definately want to investigate SuSEFirewall2. I prefer to write my own iptables firewall rules, but the interface to SuSEFirewall2 is better suited to someone newer to firewalls. If you are not running a server on your machine, you can probably block most traffic into your box, except maybe ssh for remote administration. Have fun, Josh