Re: Linux security issues?

Mike Frisch (mfrisch@saturn.tlug.org)
Mon, 27 Jan 1997 18:55:19 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Nelson Minar: "how to diagnose persistent hangs in rpc_recv?"
Previous message: Terry Dawson: "Re: Anybody know of user level TCP implementations?"
In reply to: Jason L Tibbitts III: "Re: remove my mail from sendmail queue"

On Sun, 26 Jan 1997, Alan Cox wrote:

> Firstly apply all the Red Hat upgrades like libc. Several of these fix holes
> some fix holes nobody has figured how to exploit (or noticed 8)).

Done.

> Secondly work out who and what services need access to the machine. Set up
> firewalling and start from a policy of deny. I suspect you may incoming
> connections to the web port and ftp ports only.

I have started thinking about this and basically need smtp, nntp, www,
ftp, and ssh. I'm just afraid that I will block out things that other
apps use and I don't realize it (ie. some udp ports under 1024)

> Thirdly make sure your router to the net drops any packets that come in
> from your provider with a source address that is on your local network.

I believe I have this under control.

Thanks for the info!

Mike.

======================================================================
Mike Frisch Email: mfrisch@saturn.tlug.org
Northstar Technologies WWW: http://www.io.org/~mfrisch
Newmarket, Ontario, Canada

Next message: Nelson Minar: "how to diagnose persistent hangs in rpc_recv?"
Previous message: Terry Dawson: "Re: Anybody know of user level TCP implementations?"
In reply to: Jason L Tibbitts III: "Re: remove my mail from sendmail queue"