Jordi wrote:
> Hello,
>
> I just managed to configure my server and router and ips yesterday and
> now I have questions about security. I did a scan of ports and saw the
> only open are the ones I opened. I also set my router firewall to
> "standard".
>
> 1) Must I CLOSE the ports that I don't use? Or just let them not
> forwarded? (they appeared as STEALTH in the ports scan)

RFC says stealth should never be used.

> 2) Should I use an extra firewall in my server plus the one that my
> router has? What about Firestarter? Any other good GPL firewall?

Firestarter and other Linux-based firewalls are when you want to build a firewall for your network. You cannot build a firewall for just the computer you want to firewall: Firewalls, by nature, must be on dedicated hardware to work. Thus, ZoneAlarm, Kerio, BlackICE, Windows Firewall, etc., are guilty of false advertising at best, and gross misrepresentation at worst.

http://samspade.org/d/firewalls.html

> 3) Should I adjust the firewall in my router to something custom, not
> standard, and what do you recommend me?

Follow the relevant RFCs.

> 4) I fear intruders and especially DDoS. I saw an IDS called Snort that
> many people use. What do you think? Any other good GPL IDS?

IDS must run on the firewall to be effective.