[Lincs] Security, viruses etc.
Keith Marshall
keith.d.marshall at ntlworld.com
Tue Aug 24 03:23:20 BST 2004

On Sunday 22 August 2004 8:03 pm, Chris Lingard wrote:
> On Sunday 22 August 2004 14:51, J Simpson V21 wrote:
> > Hi Pete Cooper,
> >
> > Does anyone know if there is a firewall with Redhat9?
>
> Probably, it will use NATS and masquerade

ALL GNU/Linux available today, since Linux 2.0 (i.e. the *kernel* version,
not the distro version) IIRC, have firewall capability built right into the
kernel. With Redhat9, I believe you will have Linux 2.4, so the firewall
will be based on netfilter/iptables. It is configured via a shell script,
which *must* be run by root, to set the packet filtering rules. You can
either set up this script by hand, or use one of the GUI firewall
configuration tools to create it; my personal preference is to create it by
hand, since I then have greater confidence in its integrity.

The subject is much too broad to discuss in a single mail. Google for
"netfilter iptables howto" or "netfilter iptables tutorial" for guidance on
how to set it up.

> > >FTP, SSH, and telnet, SMB
> >
> > I have no idea what the above are, but can anyone direct me on
> > how to turn these off in Redhat9?
> > I always use my everyday username, unless I am doing something
> > specific and it asks me for root.
>
> Turn off unused services; you will need to be root to do this
>
> You can use ftp, ssh and others to make an outside contact; but
> only need the daemons for incoming contacts
>
> Search through the service menu; and turn off as many as you can,
> your machine will run faster too.

Agreed, this is probably easiest for a newbie. I tend to use chkconfig, from
the command line, and maintain the inetd/xinetd configs manually too. Again,
it's a matter of confidence in the integrity of the configuration method --
there's more chance of a GUI tool not working as expected. In any case,
whichever method you choose, it is always a good idea to manually verify the
content of the /etc/rc.d/rc[0-6].d directories, (may be /etc/rc[0-6].d in
some distros), to confirm what will be started (S* scripts) and what will be
explicitly killed (K* scripts) for each runlevel, and also to manually check
the configuration of inetd/xinetd, to ensure tcpwrappers won't start anything
you don't want.

Regards,
Keith.
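
The manual check described in the mail above (S*/K* scripts per runlevel, plus the xinetd service files) can be scripted as below. This is an added example, not part of the original message; the function names, the `ETC_ROOT` variable and the sample tree are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example, not from the original mail. Paths follow the Red Hat style
# layout the mail names; set ETC_ROOT=/etc to audit a real host.

# rc_links ETC RUNLEVEL S|K -> names of services started (S) or killed (K)
rc_links() {
    dir="$1/rc.d/rc$2.d"
    [ -d "$dir" ] || dir="$1/rc$2.d"        # some distros use /etc/rcN.d
    for f in "$dir/$3"[0-9]*; do
        [ -e "$f" ] || continue             # unmatched glob or dangling link
        basename "$f" | sed "s/^$3[0-9]*//"
    done | sort
}

# xinetd_enabled ETC -> services in ETC/xinetd.d without "disable = yes"
xinetd_enabled() {
    for f in "$1"/xinetd.d/*; do
        [ -f "$f" ] || continue
        awk '/^[ \t]*#/ { next }
             $1 == "service" { name = $2; off = 0 }
             /^[ \t]*disable[ \t]*=[ \t]*yes/ { off = 1 }
             $1 == "}" && name != "" { if (!off) print name; name = "" }' "$f"
    done | sort -u
}

audit() {
    for rl in 0 1 2 3 4 5 6; do
        echo "runlevel $rl start: $(rc_links "$1" "$rl" S | tr '\n' ' ')"
        echo "runlevel $rl kill:  $(rc_links "$1" "$rl" K | tr '\n' ' ')"
    done
    echo "xinetd, not disabled: $(xinetd_enabled "$1" | tr '\n' ' ')"
}

# Constructed sample tree (not a real host) so the script runs anywhere.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/rc.d/rc3.d" "$t/rc.d/rc5.d" "$t/xinetd.d"
    : > "$t/rc.d/rc3.d/S10network"; : > "$t/rc.d/rc3.d/S55sshd"
    : > "$t/rc.d/rc3.d/K35smb";     : > "$t/rc.d/rc5.d/S56xinetd"
    printf 'service telnet\n{\n\tdisable = no\n}\n'  > "$t/xinetd.d/telnet"
    printf 'service rsync\n{\n\tdisable = yes\n}\n' > "$t/xinetd.d/rsync"
    printf '%s\n' "$t"
}

if [ -n "${ETC_ROOT:-}" ]; then
    audit "$ETC_ROOT"
else
    sample=$(make_sample_tree) && audit "$sample" && rm -rf "$sample"
fi
```

An xinetd service listed as not disabled is only reachable in runlevels where xinetd itself appears in the start list.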