tk
If you installed a RedHat version 6.x, you do not need to recompile your
kernel to run ipchains.
Unless you have a problem with disk space, you don't need to remove the
software you don't use. Just make sure that you run only the services
that you need. As long as they don't run, they won't be a security hole.
Run ntsysv to configure what services you want running.
Setup the ipchains firewall to DENY everything. Then ACCEPT only
whatever traffic you feel should go through the wall. (Lot's of trial
and error there, to get the legitimate stuff through.) Also, make sure
that you log everything that you DENY. That way you gain two things. 1)
You can see what legitimate traffic doesn't go through the wall and you
can easily understand what to change in your ipchains to let it through.
2) You can know what illegitimate traffic (if any) was DENY'ed and you
may take appropriate action.
When ipchains is up and running, you may also want to give a look at
portsentry. The portsentry software will detect most types of port scan
attacks.
Regards
Gustav
tk dev wrote:
>
> hello
>
> i've finally installed redhat using custom installation (coz i need the x
> window).
>
> anyway, i'll be installing a firewall here. according to the howto,
> i've to recompile my kernel first. my ques is,what program do i delete from
> my server(i.e. what are the essential programs that i should have to do my
> administration work in GUI & at the same time make sure that there are
> minimum holes in my system). What is the best way to delete those programs?
>
> thanks for your help.
>
> rgds
> tk
--
pgp = Pretty Good Privacy.
To get my public pgp key, send an e-mail to: [EMAIL PROTECTED]
Visit my web site at http://www.schaffter.com
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
