[Gllug] Anti-virus

Mark Lowes hamster at korenwolf.net
Wed Oct 23 09:04:33 UTC 2002


On Tue, 2002-10-22 at 19:16, michael norman wrote: 
> How about a machine connected to the net with ntl cable modem ?  Does that 
> make any difference with viruses ?

The connection type is irrelevant :)  Certainly on the spam/open relay
side of things we see just as many attacks against our dynamic dialups
as the static ones.  Being on *DSL or cable modem just means you're
connected for longer so there's a higher probability that you'll be at
the very least probed by someone out there.

> I'm running SuSE 8.1 and all I've done with the firewall that comes with it is 
> tick to enable it when configuring the dial up connection ?

iptables -L -n

will give a list of the chains, but it's going to be worth your while
doing some reading up on how it works and asking a 'friendly' to probe
your network from the outside.

Also don't trust in your firewall, particularly if it's initialised as
part of the connection script and torn down afterwards.  Keep the
machines behind the firewall (including the one it's hosted on) secure
in their own right.

Think onions (or ogres ;)

> Should I look firther into configuring the firewall ?  I know next to nothing 
> of such matters, grateful for advice as to what if anything I need to do to 
> keep the machine safe.

Block everything inbound except for traffic which is as a result of a
connection being initiated from the inside of the firewall.  The punch
inbound holes for other services if you really need to.

-- 
The Flying Hamster <hamster at korenwolf.net>     
http://www.korenwolf.net/
Time is an illusion perpetrated by the manufacturers of space!

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list