[SLE] password paranoia
Linux users: I am paranoid about being port scanned. Mainly because I don't understand what exactly that is but I do wish to have as secure of a network as possible. One thing I do is log on with all the accounts I intend to use on my Linux machine BEFORE I connect to the internet with ADSL. I simply haven't taken the time yet to read all the security literature that I have currently. Is there something that is more or less a quick read to get one started? I wish to have my Linux box as a firewall and the gateway eventually. Mark -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
At 08:37 23/04/2000 -0400, Mark B Withers wrote:
Linux users:
I am paranoid about being port scanned. Mainly because I don't understand what exactly that is but I do wish to have as secure of a network as possible.
maybe you can use portsentry (Search it at www.freshmeat.net), to give you protection against port scanning. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
I'm on 24/7 using ADSL with DHCP. I am using the standard SuSE setup with all its default protection. When I use the server 'port scan' websites that will check out your connection they report that they can't even tell if there is a computer at my address. JLK On Sun, 23 Apr 2000, you wrote:
Linux users:
I am paranoid about being port scanned. Mainly because I don't understand what exactly that is but I do wish to have as secure of a network as possible.
One thing I do is log on with all the accounts I intend to use on my Linux machine BEFORE I connect to the internet with ADSL.
I simply haven't taken the time yet to read all the security literature that I have currently. Is there something that is more or less a quick read to get one started?
I wish to have my Linux box as a firewall and the gateway eventually.
Mark
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- __ _ / / (_)__ __ ____ __ / /__/ / _ \/ // /\ \/ / Jerry L Kreps /____/_/_//_/\_,_/ /_/\_\ -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Wow! That's interesting! I'm using all the default settings in S.u.S.E. also. I've heard that VPN won't work with ADSL for certain reasons. I guess having that type of connection has its benefits. :) Mark On Sun, 23 Apr 2000, Jerry and June Kreps wrote: | I'm on 24/7 using ADSL with DHCP. | I am using the standard SuSE setup with all its default protection. | When I use the server 'port scan' websites that will check out your | connection they report that they can't even tell if there is a | computer at my address. | JLK | | On Sun, 23 Apr 2000, you wrote: | > Linux users: | > | > I am paranoid about being port scanned. Mainly because I don't | > understand what exactly that is but I do wish to have as secure of a | > network as possible. | > | > One thing I do is log on with all the accounts I intend to use on my | > Linux machine BEFORE I connect to the internet with ADSL. | > | > I simply haven't taken the time yet to read all the security | > literature that I have currently. Is there something that is more or | > less a quick read to get one started? | > | > I wish to have my Linux box as a firewall and the gateway eventually. | > | > Mark | > | > | > -- | > To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com | > For additional commands send e-mail to suse-linux-e-help@suse.com | > Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/ | -- | __ _ | / / (_)__ __ ____ __ | / /__/ / _ \/ // /\ \/ / Jerry L Kreps | /____/_/_//_/\_,_/ /_/\_\ | | | | -- | To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com | For additional commands send e-mail to suse-linux-e-help@suse.com | Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/ | | -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Hello, everyone. I too have DSL (I'm pretty sure it's ADSL), and VPN works just fine. You do need to use NAT to redirect incoming port 500 to your VPN client machine, assuming your VPN setup uses ISAKMP to negotiate the session key. This allows the VPN server to initiate its own connection back to the client so the client can validate itself and establish a key for that particular session. As a matter of convenience, I used the Cisco 675's built in NAT to achieve this, rather than using my Linux box. My SuSE box was undergoing a major overhaul when DSL arrived, so I missed out on setting all that stuff up under Linux. If I ever have to move to a cable modem, I'm sure I'll need to do it all then. Bye for now, Stuart.
-----Original Message----- From: Mark B Withers [mailto:gooober@one.net]
I'm using all the default settings in S.u.S.E. also. I've heard that VPN won't work with ADSL for certain reasons. I guess having that type of connection has its benefits. :)
Mark
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
On Sun, Apr 23, 2000 at 08:37:23AM -0400, Mark B Withers wrote:
Linux users:
I am paranoid about being port scanned. Mainly because I don't understand what exactly that is but I do wish to have as secure of a network as possible.
Port scanning is just checking which ports you have open on a system. There is no real danger in that by itself. The thing is, an open port indicates a service being offered, and most services are associated with a well-known port number (telnet on port 23, http on port 80, etc.). Thus, if someone knows that a well-known port is open then they can infer that a particular service is being offered. If they also happen to know of a bug in that service, then they can try to use that bug to break in, if they're that sort of person.
One thing I do is log on with all the accounts I intend to use on my Linux machine BEFORE I connect to the internet with ADSL.
That is not really necessary. If "they" can monitor your logins to your own box then you've already been cracked and have other things to worry about. :)
I simply haven't taken the time yet to read all the security literature that I have currently. Is there something that is more or less a quick read to get one started?
I wish I did, it would have been a big help. If you have something like nmap (there's an rpm on the SuSE CDs in the "sec" section) you can portscan yourself by typing, "nmap localhost". I recommend this. If you want to know more about how to protect your system there's nothing like looking at it from the crackers' point of view. If you're using a 2.2 kernel another thing you could do is add a couple ipchains rules to log _everything_ and view the resulting log files. I did this & it helped me a lot to understand how all the networking stuff works. Beware though, this will produce one line in the log for every packet! It can make the log grow quickly so make sure you have the space. /sbin/ipchains -I input -l /sbin/ipchains -I output -l ... will do the trick. Do that and then the nmap thing for example, or a little web surfing. To remove those rules, /sbin/ipchains -R input 1 /sbin/ipchains -R output 1 ... should work, assuming you haven't added any more rules. These just remove the 1st rules in the lists. I put these commands in a couple scripts so I could turn logging on and off easily whenever I wanted to experiment. /sbin/ipchains -L -nv .. will list the existing rules in all the chains without changing anything. If you're using the scripts from the SuSE firewall package, that last ipchains command is a good thing to do anyways. If you're going to use your box as a firewall you will have to learn ipchains at some point regardless, and you can use the firewall setup as an example. Of course, looking at the /sbin/init.d/firewall script is a good idea in this case as well.
I wish to have my Linux box as a firewall and the gateway eventually.
You might want to take a look at http://dslreports.com/ . They have a lot of resources for DSL. (Cable and other broadband people might find it interesting as well.) In particular, they link to http://www.secure-me.net/ from which you can request a scan be run against your box. This will give you a report you can use to help you evaluate your setup. -John -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
participants (5)
-
Anonymous User
-
irwanhadi@iname.com
-
JerryKreps@alltel.net
-
jmgrant@primenet.com
-
stuart@yorkshirepudding.com