On 28 Feb 2007 05:38:27 -0800, Jordi <[EMAIL PROTECTED]> wrote:
Hello, I just managed to configure my server and router and ips yesterday and now I have questions about security. I did a scan of ports and saw the only open are the ones I opened. I also set my router firewall to "standard". 1) Must I CLOSE the ports that I don't use? Or just let them not forwaded? (they appeared as STEALTH in the ports scan) 2) Should I use an extra firewall in my server plus the one that my router has ? What about Firestarter? Any other good GPL firewall? 3) Should I adjust the firewall in my router to something custom, not standard, and what do you recommend me? 4) I fear intruders and specially ddos. I saw a IDS called Snort that many people use. What do you think? Any other good GPL IDS? 5) Now that I have the server running, y suppose I must stop using gksudo and use only sudo. Not? Thanks for your answers. Jordi -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi, Personally, i use shorewall firewall (it can be downloaded with apt) and i find it really good, it is also well documented and you can always find help at the mailinglist. Check it out, http://www.shorewall.net/ I really have little experience in this, so i ´ve never used any kind of IDS. As for the unused ports, in every site of security, it is shown as a good practice to close all ports unused to reduce the system vulnerability and only open the ones that are strictly necessary, i agree with these practice too. Hope it hepls. Javier
