10 Nov 2001 08:41
Hi list,

last day I set up a new box with a fixed IP and one NIC to the internet (newest 2.4.X kernel with actual netfilter). To keep it simple, the only thing I do on the internet is to regularly ping a certain server to check its heartbeat. I closed all incoming traffic (icmp, tcp, udp) which was not initiated by me, using the "iptables -m state" flag.

netstat -an | grep -i listen | wc -l shows -> 0

Is it right that the only way to compromise my system is to hijack a session I initiate or to exploit vulnerabilities in the TCP/IP stack/netfilter implementation? Or, if not, where can an attacker hurt me too?

Michael