2 Jun
2003
2 Jun
'03
20:32
On Monday 02 June 2003 11:26 am, Matt Stamm wrote:
My desktop Linux system (Suse 8.1) is connected to a DSL line with a fixed IP address. What is the best way to protect my system from intrusion? Would it be the SuseFirewall? What about Snort? Is Snort basically a reporting tool or can it too be used to block intruders?
I would suggest using SuSE firewall and then using snort to monitor activity. The idea is to see which ports you need to open or close in order to fine tune the firewall. This way you can shutdown/restrict some ports and others can be assigned specifics. If you notice suspicious activity on a port or from an address that isn't explicitly needed you can then plug that hole, and so on. HTH, Curtis.